Paragon Software Hard Disk Manager Privilege Escalation Vulnerability in BioNTdrv.sys
Vulnerability
A vulnerability allowing arbitrary kernel memory writes has been identified in the BioNTdrv.sys driver shipped with various Paragon Software products. The issue arises in the driver's use of the memmove function, where user-controlled input is not properly validated or sanitized before the copy. As a result, an attacker can write arbitrary data to kernel memory, leading to unauthorized privilege escalation. The vulnerability affects Paragon Hard Disk Manager versions 10.1.X.Y and older, as well as specific BioNTdrv.sys releases including 1.0.0.0, 1.1.0.0, 1.3.0.0, 1.4.0.0, and 1.5.1.0.
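The bug class described above, as an added user-mode illustration that is not Paragon's code: the request layout, `driver_state`, and both function names are hypothetical, since the advisory does not describe the driver's actual structures. It contrasts a copy that trusts caller-supplied offset and length with one that bounds-checks them before calling memmove.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SLOT_SIZE 64u

/* Hypothetical request: every field is supplied by the unprivileged caller. */
struct copy_request {
    uint32_t offset;       /* destination offset inside the slot */
    uint32_t length;       /* number of bytes to copy */
    const uint8_t *data;   /* caller's buffer */
    size_t data_size;      /* real size of the caller's buffer */
};

/* Stand-in for driver-owned memory: a slot followed by sensitive state. */
struct driver_state {
    uint8_t slot[SLOT_SIZE];
    uint32_t privileged_flag;  /* must never be writable through a request */
};

/* Flawed pattern: offset and length go straight into memmove. */
int copy_unchecked(struct driver_state *st, const struct copy_request *rq)
{
    /* slot sits at offset 0, so this is slot + offset with no bounds check */
    memmove((uint8_t *)st + rq->offset, rq->data, rq->length);
    return 0;
}

/* Hardened pattern: reject anything that leaves the slot or the source. */
int copy_checked(struct driver_state *st, const struct copy_request *rq)
{
    if (rq->data == NULL || rq->length > rq->data_size)
        return -1;                              /* source over-read */
    if (rq->offset > SLOT_SIZE || rq->length > SLOT_SIZE - rq->offset)
        return -1;                              /* subtraction form cannot wrap */
    memmove(st->slot + rq->offset, rq->data, rq->length);
    return 0;
}

int main(void)
{
    struct driver_state st = {0};
    const uint8_t payload[4] = {1, 1, 1, 1};    /* constructed sample input */
    struct copy_request rq = {SLOT_SIZE, sizeof payload, payload, sizeof payload};
    printf("checked: %d, flag=%u\n", copy_checked(&st, &rq), st.privileged_flag);
    copy_unchecked(&st, &rq);
    printf("unchecked: flag=%u\n", st.privileged_flag);
    return 0;
}
```

In a real Windows driver the caller's pointer itself would also need validating before use; the sketch only covers the offset and length arithmetic.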
Impact
Exploitation of this vulnerability allows a local attacker to write arbitrary data to kernel memory, potentially leading to unauthorized privilege escalation to SYSTEM-level access.
Remediation
Paragon Software has released a security update for the Hard Disk Manager product line. Users can download the update from the Paragon Software website or through the Paragon Licensing Center. For instructions on applying the update, refer to the Paragon Software Knowledge Base article titled 'IMPORTANT: Paragon Driver Security Patch for All Products of Hard Disk Manager Product Line - Biontdrv.sys'.
