CVE-2025-34191

Exploit

EPSS 0.02%
Veröffentlicht 19.09.2025 18:51:42
Zuletzt bearbeitet 02.10.2025 22:15:36
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (macOS/Linux client deployments) contain an arbitrary file write vulnerability via the response file handling. When tasks produce output the service writes response data into files under /opt/PrinterInstallerClient/tmp/responses/ reusing the requested filename. The service follows symbolic links in the responses directory and writes as the service user (typically root), allowing a local, unprivileged user to cause the service to overwrite or create arbitrary files on the filesystem as root. This can be used to modify configuration files, replace or inject binaries or drivers, and otherwise achieve local privilege escalation and full system compromise. This vulnerability has been identified by the vendor as: V-2023-019 — Arbitrary File Write as Root.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Vasion ≫ Virtual Appliance Application Version < 20.0.1923

Apple ≫ macOS Version-
Linux ≫ Linux Kernel Version-

Vasion ≫ Virtual Appliance Host Version < 22.0.843

Apple ≫ macOS Version-
Linux ≫ Linux Kernel Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.054

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	8.5	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm

Vendor Advisory

https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm

Vendor Advisory

https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-arbitrary-file-write

Third Party Advisory

Exploit

https://www.vulncheck.com/advisories/vasion-print-printerlogic-arbitrary-file-write-as-root-via-response-path-symlink-follow

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-34191

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-34191

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-34191

EUVD