CVE-2025-34212
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-09
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vasion | virtual_appliance_application | before 20.0.1923 (excluding) |
| vasion | virtual_appliance_host | before 22.0.843 (excluding) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
| CWE-494 | The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34212 is a high-severity vulnerability in Vasion Print (formerly PrinterLogic) affecting versions prior to 22.0.843 of the Virtual Appliance Host and prior to 20.0.1923 of the Application. The issue stems from an insecure build pipeline: the system pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature validation, and grants the jenkins account passwordless (NOPASSWD) sudo rights for mount and umount. Together these weaknesses allow an attacker positioned in the supply chain or on the network path to inject malicious firmware and execute code as root on the CI host. [1]
How can this vulnerability impact me?
This vulnerability can lead to a supply chain or man-in-the-middle compromise of the build pipeline, allowing attackers to inject malicious firmware and execute remote code as root on the continuous integration host. This means an attacker could gain full control over the affected system, potentially leading to unauthorized access, data manipulation, or further attacks within the environment. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection starts with checking the versions of the Vasion Print Virtual Appliance Host and Application to see whether they are below 22.0.843 and 20.0.1923 respectively. Additionally, inspecting the build pipeline for use of unverified third-party images and for downloads of the VirtualBox Extension Pack over plain HTTP, and verifying whether the 'jenkins' account has NOPASSWD permissions for the mount/umount commands, can help detect the vulnerability. Specific commands might include:
1) Checking software versions via the application's version command or interface.
2) Using 'grep' or similar tools to inspect build scripts or configuration files for HTTP downloads of the VirtualBox Extension Pack.
3) Running 'sudo -l -U jenkins' to check the sudo permissions granted to the jenkins user.
However, exact commands are not detailed in the provided resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading the Vasion Print Virtual Appliance Host to version 22.0.843 or later and the Application to version 20.0.1923 or later. Additionally, ensure that the build pipeline pulls only verified third-party images, that it downloads the VirtualBox Extension Pack over a secure channel with signature validation, and that the NOPASSWD permissions for the jenkins account on the mount/umount commands are removed, so that the account cannot be used for unauthorized privilege escalation. [1]
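The detection checks from the question above (NOPASSWD mount/umount for jenkins, plain-HTTP or unverified Extension Pack downloads) and the corrected configuration from the mitigation answer, as an added audit script that is not part of the advisory or of Vasion's product. It assumes saved text from 'sudo -l -U jenkins' (or the sudoers file) and the build script; the host name, version number and sample lines are constructed placeholders.

```shell
#!/bin/sh
# Added audit example, not code from the advisory or from Vasion. Each check
# takes text in $1 and returns 0 when the weak pattern is present, 1 otherwise,
# so it runs offline on saved output. Sample inputs below are constructed.

# Passwordless mount/umount via sudo. Works on sudoers lines and on the
# output of 'sudo -l -U jenkins'. A Cmnd_Alias hiding mount behind another
# name is not caught; review aliases separately.
nopasswd_mount_finding() {
  printf '%s\n' "$1" | grep -Eiq 'NOPASSWD:.*(^|[^[:alnum:]_])u?mount([^[:alnum:]_]|$)'
}

# Extension Pack fetched over plain HTTP, where an on-path attacker can
# substitute the file.
http_extpack_finding() {
  printf '%s\n' "$1" | grep -Eiq 'http://[^[:space:]"]*(vbox-extpack|Extension_Pack)'
}

# Extension Pack downloaded (any scheme) with no checksum or signature
# verification anywhere in the script.
unverified_extpack_finding() {
  printf '%s\n' "$1" | grep -Eiq 'https?://[^[:space:]"]*(vbox-extpack|Extension_Pack)' || return 1
  ! printf '%s\n' "$1" | grep -Eq 'sha256sum[[:space:]]+(-c|--check)|gpg[[:space:]]+--verify'
}

# Run all three checks; returns 1 if anything was found.
audit() {
  rc=0
  nopasswd_mount_finding "$1" && { echo "FINDING: sudo NOPASSWD mount/umount"; rc=1; }
  http_extpack_finding "$2" && { echo "FINDING: Extension Pack over plain HTTP"; rc=1; }
  unverified_extpack_finding "$2" && { echo "FINDING: Extension Pack not verified"; rc=1; }
  return $rc
}

# Constructed samples: a weak and a corrected sudoers line, a weak and a
# corrected build-script fragment (placeholder host and version).
SUDOERS_WEAK='jenkins ALL=(ALL) NOPASSWD: /bin/mount, /bin/umount'
SUDOERS_OK='jenkins ALL=(ALL) /bin/mount, /bin/umount'
BUILD_WEAK='wget http://download.example.test/Oracle_VM_VirtualBox_Extension_Pack-7.0.0.vbox-extpack
VBoxManage extpack install --replace Oracle_VM_VirtualBox_Extension_Pack-7.0.0.vbox-extpack'
BUILD_OK='curl -fsSLO https://download.example.test/Oracle_VM_VirtualBox_Extension_Pack-7.0.0.vbox-extpack
sha256sum -c extpack.sha256
VBoxManage extpack install --replace Oracle_VM_VirtualBox_Extension_Pack-7.0.0.vbox-extpack'

# Demo on the weak samples; on a real host pass "$(sudo -l -U jenkins)"
# and "$(cat build.sh)" instead.
audit "$SUDOERS_WEAK" "$BUILD_WEAK" || true
```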