CVE-2025-34192
BaseFortify
Publication date: 2025-09-19
Last updated on: 2025-10-02
Assigner: VulnCheck
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vasion | virtual_appliance_application | to 20.0.2140 (exc) |
| vasion | virtual_appliance_host | to 22.0.893 (exc) |
| apple | macos | * |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1104 | The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34192 is a critical vulnerability in Vasion Print (formerly PrinterLogic) products caused by the use of an outdated and unsupported OpenSSL version 1.0.2h-fips. This version of OpenSSL has been end-of-life since 2019 and no longer receives security patches. As a result, affected Vasion Print components rely on cryptographic libraries with known, unpatched security flaws. This weakens the security of TLS/SSL processing and cryptographic operations, potentially allowing attackers to exploit these weaknesses remotely without any privileges or user interaction. [1]
How can this vulnerability impact me?
This vulnerability can severely impact you by exposing your Vasion Print deployments to remote attacks that can compromise confidentiality, integrity, and availability of your printing services. Since the cryptographic library is outdated and unpatched, attackers may exploit weaknesses in TLS/SSL communications or cryptographic operations, potentially leading to data breaches, unauthorized access, or service disruptions. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying the version of OpenSSL used by Vasion Print components. Run `openssl version` on the appliance or client machines to check the OpenSSL version. Scanning network traffic for deprecated TLS/SSL protocols with network scanning tools, or observing deprecation warnings emitted by affected daemons, may also help detect the vulnerability. [1]
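One way to run the version check described above when the library ships inside a product directory instead of being the `openssl` binary on PATH, as an added example that is not from the original page or from Vasion: it searches a directory for OpenSSL library files and reads the version banner embedded in them. The file-name patterns, the status labels, and the rule that flags every 0.x and 1.0.x release as an end-of-life branch are assumptions of this example.

```shell
#!/bin/sh
# Added example: inventory OpenSSL version banners embedded in library files.

# classify_openssl VERSION -> prints cve-match | eol-branch | review
#   cve-match  : the exact version named in CVE-2025-34192
#   eol-branch : 0.x / 1.0.x release (assumption: these branches are end-of-life)
#   review     : not flagged here; confirm support status separately
classify_openssl() {
    case "$1" in
        1.0.2h-fips) echo "cve-match" ;;
        0.*|1.0.*)   echo "eol-branch" ;;
        *)           echo "review" ;;
    esac
}

# embedded_openssl_versions FILE -> unique version tokens from banners such as
# "OpenSSL 1.0.2h-fips  3 May 2016" found anywhere in the file's bytes.
embedded_openssl_versions() {
    LC_ALL=C grep -a -o -E 'OpenSSL [0-9]+\.[0-9]+\.[0-9]+[a-z]*(-fips)?' "$1" 2>/dev/null |
        awk '{print $2}' | sort -u
}

# scan_path DIR -> one "status<TAB>version<TAB>file" line per banner found.
# The -name patterns are illustrative; adjust them to the deployment.
scan_path() {
    find "$1" -type f \( -name 'libssl*' -o -name 'libcrypto*' -o -name 'openssl*' \) 2>/dev/null |
    while IFS= read -r f; do
        for v in $(embedded_openssl_versions "$f"); do
            printf '%s\t%s\t%s\n' "$(classify_openssl "$v")" "$v" "$f"
        done
    done
}

# Stand-alone use: sh scan.sh /path/to/install/dir
if [ "$#" -gt 0 ]; then
    scan_path "$1"
fi
```

Any `cve-match` or `eol-branch` line identifies a file to trace back to the component that loads it.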
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading Vasion Print Virtual Appliance Host to version 22.0.893 or later, and the Print Application to version 20.0.2140 or later, which use supported and updated OpenSSL versions. If upgrading is not immediately possible, consider isolating affected systems from untrusted networks, disabling vulnerable services, and monitoring for suspicious activity. Avoid using the outdated OpenSSL 1.0.2h-fips library to reduce exposure to known cryptographic vulnerabilities. [1]