CVE-2025-34234
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-09
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vasion | virtual_appliance_application | before 25.1.1413 (exclusive) |
| vasion | virtual_appliance_host | before 25.1.102 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-321 | The product uses a hard-coded, unchangeable cryptographic key. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application versions prior to 25.1.102 and 25.1.1413 respectively, containing two hardcoded private encryption keys stored in clear text within application containers. These keys are used for AES-256-CBC encryption/decryption of the SaaS Id. Because the keys are embedded and accessible in the deployed Docker images or filesystem, an attacker who obtains access can recover these keys and potentially compromise the encryption, leading to unauthorized access or data exposure. [1]
How can this vulnerability impact me?
An attacker who obtains the hardcoded encryption keys can decrypt sensitive identifiers (SaaS Ids), potentially allowing unauthorized access to the system or data. This compromises the confidentiality of the affected Vasion Print components, posing a critical security risk. The vulnerability has a high CVSS score of 9.2, indicating it can be exploited remotely without privileges or user interaction, making it a severe threat. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if your system is running affected versions of Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.1.102 or Application prior to 25.1.1413. Additionally, you can inspect the filesystem of the application containers (printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi) for the presence of the hardcoded private key files located at /var/www/app/config/keyfile.ppk.dev and /var/www/app/config/keyfile.saasid.ppk.dev. Commands such as 'docker images' to list images, 'docker inspect <image>' to explore image contents, or accessing the container filesystem and running 'ls /var/www/app/config/' to check for these key files can help detect the vulnerability. [1]
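The two checks described above (component version and presence of the key files) can be scripted for an inventory sweep. The following is an added example, not vendor or BaseFortify code: the function names are hypothetical, the root filesystem directory is assumed to have been unpacked from a container beforehand, and `sort -V` (GNU coreutils) is assumed to be available.

```shell
# Added example (not vendor code): audit an unpacked container root
# filesystem for the key files this advisory names. Presence only;
# key contents are never read or printed.
# Assumed way to get ROOTFS: docker export <container> | tar -x -C ROOTFS

KEY_PATHS="/var/www/app/config/keyfile.ppk.dev
/var/www/app/config/keyfile.saasid.ppk.dev"

# find_key_files ROOTFS: print each key path found; return 0 if any, else 1.
find_key_files() {
    rootfs=${1%/}
    found=1
    for p in $KEY_PATHS; do
        if [ -f "$rootfs$p" ]; then
            printf '%s\n' "$p"
            found=0
        fi
    done
    return $found
}

# version_lt A B: true when dotted version A sorts strictly before B.
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# audit ROOTFS host|application VERSION: 0 = clean, 1 = flagged, 2 = bad input.
audit() {
    case $2 in
        host)        fixed=25.1.102 ;;
        application) fixed=25.1.1413 ;;
        *) echo "unknown component: $2" >&2; return 2 ;;
    esac
    status=0
    if version_lt "$3" "$fixed"; then
        echo "VERSION: $2 $3 is older than fixed release $fixed"
        status=1
    fi
    if files=$(find_key_files "$1"); then
        echo "KEYFILES: found under $1:"
        printf '%s\n' "$files" | sed 's/^/  /'
        status=1
    fi
    [ "$status" -eq 0 ] && echo "OK: $2 $3, no key files under $1"
    return $status
}
if [ "$#" -eq 3 ]; then audit "$@"; fi
```

The script flags a component if either check fails, so a key file left behind on an upgraded appliance is still reported.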
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading the Vasion Print Virtual Appliance Host to version 25.1.102 or later and the Application to version 25.1.1413 or later, as these versions contain the confirmed remediation. Until the upgrade can be performed, restrict access to the affected containers and their filesystem to prevent unauthorized access to the hardcoded keys. Additionally, monitor for any unauthorized access attempts and consider isolating affected systems from the network to reduce exposure. [1]