CVE-2025-34200

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-34200
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm Vendor Advisory
https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm Vendor Advisory
https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-clear-text-password Exploit Third Party Advisory
https://www.vulncheck.com/advisories/vasion-print-printerlogic-network-account-password-stored-in-cleartext Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vasion:virtual_appliance_application:-:*:*:*:*:*:*:*
cpe:2.3:a:vasion:virtual_appliance_host:-:*:*:*:*:*:*:*
History

24 Sep 2025, 19:18

Type Values Removed Values Added
References () https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm - () https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm - Vendor Advisory
References () https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm - () https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm - Vendor Advisory
References () https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-clear-text-password - () https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-clear-text-password - Exploit, Third Party Advisory
References () https://www.vulncheck.com/advisories/vasion-print-printerlogic-network-account-password-stored-in-cleartext - () https://www.vulncheck.com/advisories/vasion-print-printerlogic-network-account-password-stored-in-cleartext - Third Party Advisory
First Time Vasion virtual Appliance Host
Vasion virtual Appliance Application
Vasion
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
CPE cpe:2.3:a:vasion:virtual_appliance_application:-:*:*:*:*:*:*:*
cpe:2.3:a:vasion:virtual_appliance_host:-:*:*:*:*:*:*:*

19 Sep 2025, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-09-19 19:15

Updated : 2025-09-24 19:18

NVD link : CVE-2025-34200

Mitre link : CVE-2025-34200

CVE.ORG link : CVE-2025-34200

JSON object : View

Products Affected

vasion

  • virtual_appliance_application
  • virtual_appliance_host
CWE
CWE-312

Cleartext Storage of Sensitive Information