Authentication Bypass Vulnerability in Vasion Print by Vasion
CVE-2025-34190
Key Information:
- Vendor
Vasion
- Vendor
- CVE Published:
- 19 September 2025
Badges
What is CVE-2025-34190?
The Vasion Print Virtual Appliance Host and macOS/Linux client deployments are exposed to an authentication bypass through the PrinterInstallerClientService. Attackers can exploit this vulnerability by preloading a malicious shared object that overrides the geteuid() function, allowing them to gain unauthorized root privileges. This could lead to execution of administrative commands without proper authorization, thereby compromising system integrity. Despite certain operations requiring write access potentially failing, the bypass undermines the security of the inter-process communication system. Although the vulnerability has been addressed, specific affected version details are yet to be confirmed by Vasion.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Print Application MacOS * < 25.1.102
Print Virtual Appliance Host MacOS * < 25.1.1413
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved