CVE-2025-34207

UNKNOWN 0.0

Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 (VA and SaaS deployments) configure the SSH client within Docker instances with the following options: `UserKnownHostsFile=/dev/null`, `StrictHostKeyChecking=no`, and `ForwardAgent yes`. These settings disable verification of the remote host’s SSH key and automatically forward the developer’s SSH‑agent to any host that matches the configured wildcard patterns. As a result, an attacker who can reach a single compromised container can cause the container to connect to a malicious SSH server, capture the forwarded private keys, and use those keys for unrestricted lateral movement across the environment. This vulnerability has been identified by the vendor as: V-2024-027 — Insecure Secure Shell (SSH) Configuration.

CWE	CWE-522 CWE-306
Vendor	vasion
Product	print virtual appliance host
Published	Sep 29, 2025
Last Updated	May 15, 2026

Stay Ahead of the Next One

Get instant alerts for vasion print virtual appliance host

Be the first to know when new unknown vulnerabilities affecting vasion print virtual appliance host are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Vasion / Print Virtual Appliance Host

0 < 22.0.1049

Vasion / Print Application

0 < 20.0.2786

References

NVD ↗ CVE.org ↗ EPSS Data ↗

pierrekim.github.io: https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-insecure-ssh-config help.printerlogic.com: https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm help.printerlogic.com: https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm vulncheck.com: https://www.vulncheck.com/advisories/vasion-print-printerlogic-insecure-ssh-client-config

Credits

Pierre Barre