CVE-2025-34192

Medienbericht

Exploit

EPSS 0.9%
Veröffentlicht 19.09.2025 18:39:01
Zuletzt bearbeitet 02.10.2025 22:15:36
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Vasion Print (formerly PrinterLogic) Usage of Outdated and Unsupported OpenSSL Version

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL 1.0.2h-fips (released May 2016), which has been end-of-life since 2019 and is no longer supported by the OpenSSL project. Continued use of this outdated cryptographic library exposes deployments to known vulnerabilities that are no longer patched, weakening the overall security posture. Affected daemons may emit deprecation warnings and rely on cryptographic components with unresolved security flaws, potentially enabling attackers to exploit weaknesses in TLS/SSL processing or cryptographic operations. This vulnerability has been identified by the vendor as: V-2023-021 — Out-of-Date OpenSSL Library.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Vasion ≫ Virtual Appliance Application Version < 20.0.2140

Apple ≫ macOS Version-
Linux ≫ Linux Kernel Version-

Vasion ≫ Virtual Appliance Host Version < 22.0.893

Apple ≫ macOS Version-
Linux ≫ Linux Kernel Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.9%	0.549

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	9.3	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-1104 Use of Unmaintained Third Party Components

The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.

VulnDex Intel

Media Report

23.09.2025 11:51

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm

Vendor Advisory

https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm

Vendor Advisory

https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-outdated-openssl

Third Party Advisory

Exploit

https://www.vulncheck.com/advisories/vasion-print-printerlogic-usage-of-outdated-and-unsupported-openssl-version

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-34192

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-34192

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-34192

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-34192