CVE-2025-34193
BaseFortify
Publication date: 2025-09-19
Last updated on: 2025-09-29
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vasion | virtual_appliance_application | * |
| vasion | virtual_appliance_host | * |
| microsoft | windows | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1104 | The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer. |
| CWE-755 | The product does not handle or incorrectly handles an exceptional condition. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Vasion Print (formerly PrinterLogic) Windows client components that are built without modern security protections such as DEP, ASLR, CFG, or stack-protection and rely on outdated runtimes like Pascal/Delphi and Python 2. Some of these components run with SYSTEM privileges and automatically download and install printer drivers. Due to the lack of memory safety mitigations and use of unmaintained runtimes, attackers can exploit memory corruption or crafted inputs to achieve remote or local code execution and escalate privileges to SYSTEM. [1]
How can this vulnerability impact me? :
The vulnerability can lead to remote or local code execution and privilege escalation to SYSTEM level on affected systems. This means an attacker could potentially execute arbitrary code with the highest system privileges, compromising system integrity and availability. The impact includes high integrity and availability risks, although confidentiality impact is low. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can focus on identifying the presence of the vulnerable Windows client components: PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, and PrinterInstallerClientLauncher.exe. You can use commands to list running processes or installed files matching these names. For example, on Windows systems, use PowerShell commands like 'Get-Process -Name PrinterInstallerClient*' to check running processes or 'Get-ChildItem -Path "C:\Program Files\" -Recurse -Include PrinterInstallerClient*.exe' to find installed binaries. Additionally, monitoring for unexpected printer driver downloads or installations may indicate exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to systems running the vulnerable components to trusted users only, disabling or limiting the automatic printer driver download and installation feature if possible, and monitoring for suspicious activity related to these processes. Since it is currently unknown whether a patch exists, consider isolating affected systems or applying application whitelisting to prevent execution of the vulnerable binaries. Additionally, ensure that systems have up-to-date security controls and consider compensating controls to reduce the risk of exploitation. [1]