CVE-2025-0287
BioNTdrv.sys — null pointer dereference causes denial of service
Summary
| Field | Value |
|---|---|
| Driver | BioNTdrv.sys (Paragon Partition Manager) |
| Vulnerability Class | Null Pointer Dereference |
| Exploited ITW | No |
| Vendor | Paragon Software |
Root Cause
The Paragon Partition Manager driver never validates a pointer before dereferencing it in an IOCTL handler. A null pointer dereference crashes the kernel (BSoD). One of five vulnerabilities in BioNTdrv.sys (alongside CVE-2025-0285, CVE-2025-0286, CVE-2025-0288, CVE-2025-0289).
Exploitation
The attacker sends a crafted IOCTL with a null pointer. The null dereference triggers a BSoD. DoS only, no code execution.
Exploitation Primitive
Crafted IOCTL → null pointer dereference → BSoD