CVE-2025-34211
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-03
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vasion | virtual_appliance_application | to 20.0.2786 (exc) |
| vasion | virtual_appliance_host | to 22.0.1049 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-321 | The product uses a hard-coded, unchangeable cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves Vasion Print (formerly PrinterLogic) products using a hardcoded private SSL key and matching public certificate stored in cleartext within the appliance. The key is identical across all deployed appliances and is used to terminate TLS connections. An attacker with container-level access can read the private key, allowing them to decrypt TLS traffic, perform man-in-the-middle attacks, forge TLS certificates, impersonate the applianceβs web UI, intercept credentials, and gain unrestricted access to services trusting the certificate. [1]
How can this vulnerability impact me? :
The impact includes potential decryption of secure TLS communications, man-in-the-middle attacks, impersonation of the applianceβs web interface, interception of user credentials, and unauthorized access to services that trust the compromised certificate. Since the private key is the same across all installations, a single compromise affects every deployment, severely compromising confidentiality, integrity, and availability of the affected systems. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the Vasion Print Virtual Appliance Host or Application versions are below 22.0.1049 and 20.0.2786 respectively. Additionally, detection involves verifying if the private SSL key and matching public certificate for hostname 'pl-local.com' are stored in cleartext on the system. Commands to locate and inspect these files might include searching for SSL key files within the appliance container or host filesystem, for example using commands like 'find / -name "*.key"' or 'grep -r "pl-local.com" /path/to/certificate/dir'. However, specific commands are not detailed in the provided resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading the Vasion Print Virtual Appliance Host to version 22.0.1049 or later and the Application to version 20.0.2786 or later, as these versions address the vulnerability by removing the hardcoded SSL keys. Additionally, restricting container-level access to prevent unauthorized reading of private keys is critical. Vendor security bulletins provide further guidance on mitigation. [1]