CVE-2025-34201

Exploit

EPSS 0.02%
Veröffentlicht 19.09.2025 18:47:07
Zuletzt bearbeitet 24.09.2025 19:18:45
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) run many Docker containers on shared internal networks without firewalling or segmentation between instances. A compromise of any single container allows direct access to internal services (HTTP, Redis, MySQL, etc.) on the overlay network. From a compromised container, an attacker can reach and exploit other services, enabling lateral movement, data theft, and system-wide compromise.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Vasion ≫ Virtual Appliance Application Version-

Vasion ≫ Virtual Appliance Host Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.035

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	8.5	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-653 Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm

Vendor Advisory

https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm

Vendor Advisory

https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-lack-of-fw

Third Party Advisory

Exploit

https://www.vulncheck.com/advisories/vasion-print-printerlogic-lack-of-network-segmentation-between-docker-instances

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-34201

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-34201

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-34201

EUVD