CVE-2025-34212
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-29

Last updated on: 2025-10-09

Assigner: VulnCheck

Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 (VA/SaaS deployments) possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature validation, and grants the jenkins account NOPASSWD for mount/umount. Together these allow supply chain or man-in-the-middle compromise of the build pipeline, injection of malicious firmware, and remote code execution as root on the CI host. This vulnerability has been identified by the vendor as: V-2023-007 — Supply Chain Attack.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-29
Last Modified
2025-10-09
Generated
2026-06-16
AI Q&A
2025-09-29
EPSS Evaluated
2026-06-15
NVD
CVE-2025-34212
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
vasion virtual_appliance_application to 20.0.1923 (exc)
vasion virtual_appliance_host to 22.0.843 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
CWE-494 The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-34212 is a high-severity vulnerability in Vasion Print (formerly PrinterLogic) affecting versions prior to 22.0.843 for the Virtual Appliance Host and prior to 20.0.1923 for the Application. The issue stems from an insecure build pipeline where the system pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature validation, and grants the jenkins account passwordless permissions for mounting and unmounting. These weaknesses allow attackers to perform supply chain or man-in-the-middle attacks, inject malicious firmware, and execute code remotely as root on the CI host. [1]

Impact Analysis

This vulnerability can lead to a supply chain or man-in-the-middle compromise of the build pipeline, allowing attackers to inject malicious firmware and execute remote code as root on the continuous integration host. This means an attacker could gain full control over the affected system, potentially leading to unauthorized access, data manipulation, or further attacks within the environment. [1]

Detection Guidance

Detection involves checking the versions of Vasion Print Virtual Appliance Host and Application to see if they are below 22.0.843 and 20.0.1923 respectively. Additionally, inspecting the build pipeline for use of unverified third-party images, downloads of the VirtualBox Extension Pack over plain HTTP, and verifying if the 'jenkins' account has NOPASSWD permissions for mount/umount commands can help detect the vulnerability. Specific commands might include: 1) Checking software versions via the application's version command or interface. 2) Using 'grep' or similar tools to inspect build scripts or configuration files for HTTP downloads of VirtualBox Extension Pack. 3) Running 'sudo -l -U jenkins' to check sudo permissions for the jenkins user. However, exact commands are not detailed in the provided resources. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading the Vasion Print Virtual Appliance Host to version 22.0.843 or later and the Application to version 20.0.1923 or later. Additionally, ensure that the build pipeline only pulls verified third-party images, downloads the VirtualBox Extension Pack over secure channels with signature validation, and remove NOPASSWD permissions for the jenkins account on mount/umount commands to prevent unauthorized privilege escalation. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34212. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart