CVE-2025-34235
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-29

Last updated on: 2025-10-09

Assigner: VulnCheck

Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can intercept HTTPS traffic can then inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges; a local attacker can achieve local privilege escalation via a junction‑point DLL injection.Β This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-29
Last Modified
2025-10-09
Generated
2026-05-07
AI Q&A
2025-09-29
EPSS Evaluated
2026-05-05
NVD
CVE-2025-34235
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
vasion virtual_appliance_application to 25.1.1413 (exc)
vasion virtual_appliance_host to 25.1.102 (exc)
microsoft windows *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-34235 is a critical vulnerability in Vasion Print (formerly PrinterLogic) where a registry key can be enabled by administrators to cause the client to skip SSL/TLS certificate validation. This weakness allows an attacker who can intercept HTTPS traffic to inject malicious driver DLLs, leading to remote code execution with SYSTEM privileges. Additionally, a local attacker can exploit this via junction-point DLL injection to escalate privileges locally. [1]


How can this vulnerability impact me? :

This vulnerability can lead to remote code execution with SYSTEM privileges if an attacker intercepts HTTPS traffic, allowing them to run arbitrary code on the affected system. It also enables local privilege escalation through DLL injection. The impact includes full compromise of confidentiality, integrity, and availability of the affected system, potentially allowing attackers to control or disrupt printing services and related infrastructure. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection can focus on identifying if the vulnerable versions of Vasion Print Virtual Appliance Host (prior to 25.1.102) or Print Application (prior to 25.1.1413) are in use, and if the registry key that disables SSL/TLS certificate validation is enabled. Specific commands are not provided in the resources, but typical steps include checking installed software versions and inspecting relevant registry keys on Windows clients. Network detection might involve monitoring for unusual HTTPS traffic interception or injection attempts, but no explicit commands are given. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading Vasion Print Virtual Appliance Host to version 25.1.102 or later and Print Application to version 25.1.1413 or later to ensure the vulnerability is patched. Additionally, administrators should verify and disable any registry keys that cause the client to skip SSL/TLS certificate validation to prevent man-in-the-middle attacks. Monitoring network traffic for suspicious activity and restricting access to the appliance may also help reduce risk until patches are applied. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart