CVE-2025-34222
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-09
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vasion | virtual_appliance_application | all versions before 20.0.2786 (upper bound excluded) |
| vasion | virtual_appliance_host | all versions before 22.0.1049 (upper bound excluded) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34222 is a missing-authentication vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and Virtual Appliance Application versions prior to 20.0.2786. Several administrative API routes that manage SSL/TLS certificates perform no authentication check at all, so an unauthenticated attacker who can reach the appliance over the network can upload, delete, or download certificates. Concretely, that allows replacing trusted root (CA) certificates, deleting existing certificates so that the appliance and its clients lose trust in each other, and enumerating and downloading service-client certificates, any of which compromises the appliance and the communications that depend on those certificates. [1]
How can this vulnerability impact me? :
The impact is a full compromise of the SSL/TLS trust material the appliance relies on. An attacker who replaces the trusted root certificate can position themselves for man-in-the-middle attacks against appliance communications, an attacker who downloads client certificates can impersonate those clients, and an attacker who deletes certificates can break trust between components and cause an outage of every service that depends on them. Because no credentials are needed, confidentiality, integrity, and availability are all affected, and the security controls built on top of the appliance's PKI can no longer be relied on. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection starts with inventory: any Vasion Print Virtual Appliance Host prior to 22.0.1049 or Virtual Appliance Application prior to 20.0.2786 should be treated as vulnerable. To confirm the exposure on a specific appliance, request the affected admin routes (/admin/hp/cert_upload, /admin/hp/cert_delete, /admin/certs/ca, /admin/certs/serviceclients/{scid}) without any session or credentials, for example with curl (use https:// and add -k if the appliance is served over TLS with a self-signed certificate):

```
curl -i http://<target-ip>/admin/hp/cert_upload
curl -i http://<target-ip>/admin/hp/cert_delete
curl -i http://<target-ip>/admin/certs/ca
curl -i http://<target-ip>/admin/certs/serviceclients/1
```

Interpret the responses carefully. A 401, 403, or a redirect to the appliance's login page means authentication is enforced on that route; a 2xx response that actually serves certificate data or processes the request without a challenge means the route is reachable unauthenticated and the system is vulnerable. A 2xx that merely returns the generic login HTML is not a finding. Send plain GET requests with no parameters only: the upload and delete routes act on the appliance's certificate store, so never pass real upload or delete parameters against a production system while testing. [1]
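The probe above can be scripted so the status-code interpretation is applied consistently across all four routes. The following is an added example written for this page, not code from BaseFortify or Vasion; it assumes the appliance is reachable at the base URL you pass in and that a redirect whose target contains "login" or "auth" is the appliance's login page (both assumptions, since the real login path is not given here). Only parameterless GET requests are sent, so nothing is uploaded or deleted.

```python
"""Unauthenticated-route probe for the CVE-2025-34222 admin endpoints.

Added example, not BaseFortify's or Vasion's code. Assumes the appliance
answers at BASE_URL; only GET requests with no parameters are sent.
"""
import ssl
import urllib.error
import urllib.request

# Routes named in the advisory text; "1" stands in for the {scid} placeholder.
ROUTES = (
    "/admin/hp/cert_upload",
    "/admin/hp/cert_delete",
    "/admin/certs/ca",
    "/admin/certs/serviceclients/1",
)


def classify_response(status, headers):
    """Map an HTTP status (plus headers) to what it says about access control.

    A redirect to a login page counts as authentication being enforced
    (assumption: the login URL contains "login" or "auth"); any 2xx without
    a challenge is treated as reachable unauthenticated.
    """
    hdrs = {k.lower(): v for k, v in dict(headers or {}).items()}
    if status in (401, 403):
        return "auth_required"
    if status in (301, 302, 303, 307, 308):
        target = hdrs.get("location", "").lower()
        return "auth_required" if ("login" in target or "auth" in target) else "redirect"
    if status == 404:
        return "missing"
    if 200 <= status < 300:
        return "open"
    return "other"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib from following redirects so a 302-to-login stays visible."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url, routes=ROUTES, timeout=5, verify_tls=True):
    """GET each route without credentials and classify every answer."""
    ctx = ssl.create_default_context()
    if not verify_tls:  # appliances often carry self-signed certificates
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    opener = urllib.request.build_opener(_NoRedirect(), urllib.request.HTTPSHandler(context=ctx))
    results = {}
    for route in routes:
        req = urllib.request.Request(base_url.rstrip("/") + route, method="GET")
        try:
            with opener.open(req, timeout=timeout) as resp:
                results[route] = classify_response(resp.status, resp.headers)
        except urllib.error.HTTPError as err:  # every non-2xx answer lands here
            results[route] = classify_response(err.code, err.headers)
        except urllib.error.URLError as err:
            results[route] = f"error: {err.reason}"
    return results


def exposed_routes(results):
    """Routes that answered 2xx with no authentication challenge."""
    return sorted(r for r, verdict in results.items() if verdict == "open")


if __name__ == "__main__":
    import sys

    base = sys.argv[1] if len(sys.argv) > 1 else "https://<target-ip>"
    findings = probe(base, verify_tls=False)
    for route, verdict in findings.items():
        print(f"{verdict:14s} {route}")
    print("exposed:", exposed_routes(findings) or "none observed")
```

Run it as `python3 probe.py https://<target-ip>`. An "open" verdict on /admin/certs/ca or the serviceclients route is the strongest signal, since those are read-only downloads; still inspect the body by hand before reporting, because a 200 that carries the login page is a false positive the script cannot rule out.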
What immediate steps should I take to mitigate this vulnerability?
Upgrade the Vasion Print Virtual Appliance Host to 22.0.1049 or later and the Virtual Appliance Application to 20.0.2786 or later; these releases add authentication to the affected admin API routes. Until the upgrade is in place, restrict network access to the appliance's admin interface with firewall rules or network segmentation so that only administrative hosts can reach it, and review web-server access logs for requests to /admin/hp/cert_upload, /admin/hp/cert_delete, /admin/certs/ca, and /admin/certs/serviceclients/ from addresses outside that administrative range. If any such request succeeded, treat the appliance's certificates as compromised: rotate them and re-establish trust with the clients that rely on them. Where the business impact is acceptable, temporarily taking the exposed service offline is also an option. [1]
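The log review suggested above is straightforward to automate. The following is an added example for this page, not code from BaseFortify or Vasion; it assumes the appliance's web front end writes common/combined-format access logs (the log lines embedded below are constructed for illustration) and takes the administrative allow-list as a parameter, since the real admin network is site-specific.

```python
"""Scan access logs for hits on the CVE-2025-34222 admin routes.

Added example, not BaseFortify's or Vasion's code. Assumes common/combined
log format; SAMPLE_LOG is constructed, and the allow-list is a placeholder.
"""
import ipaddress
import re

# Constructed sample log: two hits from an outside address, one from an
# allow-listed admin network, and one unrelated request.
SAMPLE_LOG = """\
203.0.113.7 - - [29/Sep/2025:10:14:03 +0000] "POST /admin/hp/cert_upload HTTP/1.1" 200 512 "-" "python-requests/2.32"
10.0.0.5 - - [29/Sep/2025:10:15:11 +0000] "GET /admin/certs/ca HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.7 - - [29/Sep/2025:10:16:40 +0000] "GET /admin/certs/serviceclients/3 HTTP/1.1" 200 1800 "-" "curl/8.5.0"
198.51.100.2 - - [29/Sep/2025:10:17:02 +0000] "GET /index.html HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""

# Common/combined log format: client IP, identity, user, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Vulnerable routes from the advisory; the {scid} segment is matched generically.
ROUTE_RE = re.compile(
    r"^/admin/(hp/cert_(upload|delete)|certs/ca|certs/serviceclients/[^/?]+)/?(\?|$)"
)


def parse_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def scan(lines, allowed_cidrs=()):
    """Return requests to the affected routes from outside the allow-list.

    Each hit carries a "succeeded" flag (2xx status), which is what decides
    whether the appliance's certificates must be treated as compromised.
    """
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or not ROUTE_RE.match(rec["path"]):
            continue
        src = ipaddress.ip_address(rec["ip"])
        if any(src in net for net in nets):
            continue
        rec["succeeded"] = 200 <= rec["status"] < 300
        hits.append(rec)
    return hits


def scan_sample():
    """Run the scanner over the constructed sample with a placeholder admin network."""
    return scan(SAMPLE_LOG.splitlines(), allowed_cidrs=["10.0.0.0/8"])


if __name__ == "__main__":
    for hit in scan_sample():
        flag = "SUCCEEDED" if hit["succeeded"] else "blocked"
        print(f'{hit["ts"]} {hit["ip"]} {hit["method"]} {hit["path"]} {hit["status"]} {flag}')
```

On the constructed sample this reports the two requests from 203.0.113.7 (an upload and a service-client certificate download, both with status 200) and ignores the hit from the allow-listed 10.0.0.5. Feed it a real log with `scan(open("access.log"), ["<admin-cidr>"])`; any hit flagged as succeeded is grounds for rotating the appliance's certificates, not just for upgrading.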