CVE-2025-34217
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-30

Last updated on: 2025-10-07

Assigner: VulnCheck

Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) contain an undocumented 'printerlogic' user with a hardcoded SSH public key in '~/.ssh/authorized_keys' and a sudoers rule granting the printerlogic_ssh group 'NOPASSWD: ALL'. Possession of the matching private key gives an attacker root access to the appliance.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-30
Last Modified
2025-10-07
Generated
2026-06-16
AI Q&A
2025-09-30
EPSS Evaluated
2026-06-15
NVD
CVE-2025-34217
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
vasion virtual_appliance_application *
vasion virtual_appliance_host *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-321 The product uses a hard-coded, unchangeable cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application deployments containing an undocumented 'printerlogic' user with a hardcoded SSH public key in the authorized_keys file. Because of a sudoers rule granting the printerlogic_ssh group passwordless root privileges, anyone possessing the matching private SSH key can gain root access to the appliance. This is classified as a use of a hard-coded cryptographic key vulnerability (CWE-321). [1]

Impact Analysis

An attacker who obtains the private SSH key corresponding to the hardcoded public key can gain root access to the Vasion Print appliance without authentication. This allows full control over the system, potentially leading to data breaches, system compromise, and disruption of services. The vulnerability has a maximum CVSS v4 base score of 10.0, indicating critical impact on confidentiality, integrity, and availability. [1]

Detection Guidance

Detection involves checking the presence of the undocumented 'printerlogic' user and its hardcoded SSH public key in the '~/.ssh/authorized_keys' file on the Vasion Print appliance. You can run commands to list users and inspect SSH authorized keys, for example: 1) Check for the 'printerlogic' user: `getent passwd | grep printerlogic` 2) Inspect the authorized_keys file for the printerlogic user: `cat /home/printerlogic/.ssh/authorized_keys` or `cat /root/.ssh/authorized_keys` if applicable. Additionally, check sudoers rules for the 'printerlogic_ssh' group with: `sudo cat /etc/sudoers` or `sudo cat /etc/sudoers.d/*` to find any 'NOPASSWD: ALL' entries related to this group. These steps help identify if the vulnerable configuration exists on your system. [1]

Mitigation Strategies

Immediate mitigation steps include removing or disabling the undocumented 'printerlogic' user and its hardcoded SSH public key from the appliance. Specifically, remove the hardcoded public key from the '~/.ssh/authorized_keys' file and revoke any sudoers rules granting passwordless root access to the 'printerlogic_ssh' group. If possible, rotate SSH keys and enforce strict access controls. Monitor vendor security bulletins for patches or updates addressing this vulnerability and apply them as soon as they become available. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34217. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart