{"vulnerability": "cve-2025-0289", "sightings": [{"uuid": "2246afe4-d491-4a57-86a8-71835458127f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-babda8d6-67948ad372f1faad", "content": "", "creation_timestamp": "2025-06-05T10:21:31.032436Z"}, {"uuid": "24dfd8b2-c965-48eb-baf8-e48f1f46c1c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://t.me/cvedetector/19386", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-0289 - Paragon Partition Manager Kernel Resource Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-0289 \nPublished : March 3, 2025, 5:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Paragon Partition Manager version 17, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T19:44:16.000000Z"}, {"uuid": "5614c4d6-eef4-40fd-be00-7de07cc86008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "exploited", "source": "https://t.me/thehackernews/6425", "content": "Paragon Partition Manager's BioNTdrv.sys driver has a critical vulnerability (CVE-2025-0289) exploited in ransomware attacks.\n\nAttackers with local access can escalate privileges and run malicious code on Windows systems.\n\nRead the full analysis here: https://thehackernews.com/2025/03/hackers-exploit-paragon-partition.html", "creation_timestamp": "2025-03-03T14:37:50.000000Z"}, {"uuid": "110344ce-508f-488f-982e-b46b07a8b858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://thehackernews.com/2025/03/hackers-exploit-paragon-partition.html", "content": "", "creation_timestamp": "2025-03-03T12:56:00.000000Z"}, {"uuid": "37107f98-5d2c-4712-bcb3-f0341245235c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3ljh4q7nxjc2y", "content": "", "creation_timestamp": "2025-03-03T04:34:36.134323Z"}, {"uuid": "ebe4167d-ec70-4dc2-b702-a23e21ac970d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljjisi2hss2j", "content": "", "creation_timestamp": "2025-03-04T03:15:57.246671Z"}, {"uuid": "b4f3bcb8-0f6a-4453-902a-aad2e3e25ffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9175", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0289\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Paragon Partition Manager version 17.9.1, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.\n\ud83d\udccf Published: 2025-03-03T16:24:38.134Z\n\ud83d\udccf Modified: 2025-03-27T19:18:08.017Z\n\ud83d\udd17 References:\n1. https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys\n2. https://www.kb.cert.org/vuls/id/726882\n3. https://www.paragon-software.com/support/#patches", "creation_timestamp": "2025-03-27T19:26:46.000000Z"}, {"uuid": "acde1961-73e3-4ccd-a35b-dbc928fe249c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "exploited", "source": "https://t.me/claytechsolution/165", "content": "The Hacker News\nHackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks\n\nThreat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code.\nThe zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC).\n\"These include arbitrary kernel memory mapping and", "creation_timestamp": "2025-03-03T14:08:40.000000Z"}, {"uuid": "e3fb6b92-d0e1-499c-81c5-afd656c392be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "exploited", "source": "https://t.me/SecLabNews/16256", "content": "\ud83d\udd75\u200d\u2642\ufe0f \u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 Paragon = \u0432\u0445\u043e\u0434\u043d\u043e\u0439 \u0431\u0438\u043b\u0435\u0442 \u0434\u043b\u044f \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0432 Windows\n\n\ud83d\udd11 \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Microsoft \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u043f\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 BioNTdrv.sys, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043e\u0439 Paragon Partition Manager. \u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 (CVE-2025-0289) \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c\u0438 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0443\u0440\u043e\u0432\u043d\u044f SYSTEM \u0432 Windows.\n\n\ud83d\udc80  \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043c\u0435\u0442\u043e\u0434\u0438\u043a\u0443 BYOVD, \u0432\u043d\u0435\u0434\u0440\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 Paragon Partition Manager \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d. \u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d Microsoft, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\ud83d\uded1 \u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0430\u0442\u0430\u043a \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u043f\u0446\u0438\u044e \u00ab\u0421\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432\u00bb \u0432 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u0445 Windows. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c Partition Manager \u0438 Hard Disk Manager \u043e\u0442 Paragon \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u043c BioNTdrv.sys 2.0.0.\n\n#\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #Windows #BYOVD", "creation_timestamp": "2025-03-04T10:45:33.000000Z"}, {"uuid": "a8dbe97e-0719-4464-8654-a410d20e7b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114093771201977118", "content": "", "creation_timestamp": "2025-03-02T16:26:33.294831Z"}, {"uuid": "557f38a9-1b86-4c9f-92d0-a12c53c113f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://bsky.app/profile/allthebuzz.bsky.social/post/3ljish2qzgs2b", "content": "", "creation_timestamp": "2025-03-03T20:35:50.745605Z"}, {"uuid": "e6b3ea51-e160-4b78-9cf5-84c7bea27e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ljjnlzzn4b2o", "content": "", "creation_timestamp": "2025-03-04T04:41:49.985458Z"}, {"uuid": "7fb436f2-aa11-4511-8fae-3c2de8cb91cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"}, {"uuid": "a2ed6d1d-7b1d-453e-a985-ce10883ebc16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6225", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0289\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Paragon Partition Manager version 17, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.\n\ud83d\udccf Published: 2025-03-03T16:24:38.134Z\n\ud83d\udccf Modified: 2025-03-03T16:24:38.134Z\n\ud83d\udd17 References:\n1. https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys\n2. https://www.kb.cert.org/vuls/id/726882", "creation_timestamp": "2025-03-03T16:30:29.000000Z"}, {"uuid": "423a1ca6-bca2-4a99-93e4-80c6fcfb0244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "exploited", "source": "https://t.me/true_secator/6798", "content": "Microsoft \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Paragon Partition Manager BioNTdrv.sys, \u043e\u0434\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day \u0431\u0430\u043d\u0434\u0430\u043c\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 BYOVD \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 SYSTEM \u0432 Windows.\n\n\u0414\u0440\u0430\u0439\u0432\u0435\u0440 Biontdrv.sys \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e Hard Disk Manager \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430 \u043d\u0435\u043c \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Paragon Partition Manager \u0438 Backup and Recovery.\n\n\u0421\u0440\u0435\u0434\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c: \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u043f\u0430\u043c\u044f\u0442\u044c \u044f\u0434\u0440\u0430 (CVE-2025-0288), \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f (CVE-2025-0287), \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u043f\u0430\u043c\u044f\u0442\u044c \u044f\u0434\u0440\u0430 (CVE-2025-0286), \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u044f\u0434\u0440\u0430 (CVE-2025-0285) \u0438 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u044f\u0434\u0440\u0430 (CVE-2025-0289).\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u00a0CERT/CC, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443, \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0432 \u0430\u0442\u0430\u043a\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442\u0441\u044f \u0434\u0440\u0430\u0439\u0432\u0435\u0440, \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 Microsoft, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0442\u0435\u0445\u043d\u0438\u043a\u0443 Bring Your Own Vulnerable Driver \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0438\u0441\u0442\u0435\u043c, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 Paragon Partition Manager \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 BioNTdrv.sys \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u044f \u044f\u0434\u0440\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u0442\u0435\u043c\u0438 \u0436\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0447\u0442\u043e \u0438 \u0443 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430, \u043e\u0431\u0445\u043e\u0434\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u041f\u041e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Biontdrv.sys \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 1.3.0 \u0438 1.5.1 \u0438 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c 2.0.0. Paragon \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 Hard Disk Manager \u0432\u0435\u0440\u0441\u0438\u0438 17.45.0 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Hard Disk Manager.\n\n\u041a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f, \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Paragon Hard Disk Manager \u0431\u0443\u0434\u0443\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u0435\u0441\u043b\u0438 \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 BioNTdrv.sys.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Windows 10, Windows 11 \u0438 Windows Server 2016, 2019, 2022 \u0438 2025, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0441\u0442\u0430\u0440\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0441\u0447\u0438\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c\u0438. Microsoft \u0442\u0430\u043a\u0436\u0435 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432 \u0441\u0432\u043e\u0439 Vulnerable Driver Blocklist.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0430\u043a\u0438\u0435 \u0438\u043c\u0435\u043d\u043d\u043e \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438, \u0437\u0430\u043d\u0438\u043c\u0430\u044e\u0449\u0438\u0435\u0441\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Paragon, \u043e\u0434\u043d\u0430\u043a\u043e \u0430\u0442\u0430\u043a\u0438 BYOVD \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432. \u0417\u0430\u043c\u0435\u0447\u0435\u043d\u044b: Scattered Spider, Lazarus, BlackByte, LockBit \u0438 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0440.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0441\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Paragon, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Hard Disk Manager, Partition Manager, Backup and Recovery, Drive Copy, Disk Wiper \u0438 Migrate OS to SSD, \u0438\u043b\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2025-03-03T15:46:13.000000Z"}, {"uuid": "19f2fa1d-84d4-4206-bc7e-66de3aa7c5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114098823372453579", "content": "", "creation_timestamp": "2025-03-03T13:51:18.538446Z"}, {"uuid": "d0933ef5-05da-415f-b707-b273dbc42147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lji6mafewj2c", "content": "", "creation_timestamp": "2025-03-03T14:40:49.921382Z"}, {"uuid": "000b6d6d-8a9e-4ed5-96de-f187f6861baf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljn3fekbtc23", "content": "", "creation_timestamp": "2025-03-05T13:26:43.259820Z"}, {"uuid": "586e2688-6d99-40f8-9101-979732d7b349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0289", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ljleeqoyfc26", "content": "", "creation_timestamp": "2025-03-04T21:02:00.711979Z"}, {"uuid": "8281c6b0-4dad-45cb-adfe-2c8fc963605b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-0289", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljjp2nucos24", "content": "", "creation_timestamp": "2025-03-04T05:07:53.214427Z"}]}