🔐 CVE Alert

CVE-2025-34235

UNKNOWN 0.0

Vasion Print (formerly PrinterLogic) Weak SSL/TLS Certificate Validation RCE

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can intercept HTTPS traffic can then inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges; a local attacker can achieve local privilege escalation via a junction‑point DLL injection. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.

CWE CWE-295
Vendor vasion
Product print virtual appliance host
Published Sep 29, 2025
Last Updated May 15, 2026
Stay Ahead of the Next One

Get instant alerts for vasion print virtual appliance host

Be the first to know when new unknown vulnerabilities affecting vasion print virtual appliance host are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Vasion / Print Virtual Appliance Host
0 < 25.1.102
Vasion / Print Application
0 < 25.1.1413

References

NVD ↗ CVE.org ↗ EPSS Data ↗
pierrekim.github.io: https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#win-lpe-04 help.printerlogic.com: https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm help.printerlogic.com: https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm vulncheck.com: https://www.vulncheck.com/advisories/vasion-print-printerlogic-weak-ssl-tls-certificate-validation-rce

Credits

Pierre Barre