← back
CVE-2025-0289

CVE-2025-0289

CVSS 7.8 HIGHEPSS 0.3%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Mar 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →