Vulnerability in Vasion Print Virtual Appliance Hosts and Application Affecting Root User Processes
CVE-2025-34204

8.7HIGH

Key Information:

Vendor

Vasion

Status
Print Virtual Appliance Host
Print Application
Vendor
CVE Published:
19 September 2025

What is CVE-2025-34204?

The Vasion Print Virtual Appliance Host and Application are vulnerable due to multiple Docker containers running primary processes such as PHP workers and Node.js servers as the root user. This configuration significantly amplifies the risk of a compromise, as a breach in any container could lead to unauthorized access across the host system, facilitating lateral movement and making the overall environment insecure. Proper privilege escalation controls are essential to mitigate these vulnerabilities and protect against potential threats.

Affected Version(s)

Print Application *

Print Virtual Appliance Host *

References

https://pierrekim.github.io/blog/2025-04-08-vasion-printe...
technical-description
https://help.printerlogic.com/saas/Print/Security/Securit...
product
https://help.printerlogic.com/va/Print/Security/Security-...
product

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Pierre Barre
.
CVE-2025-34204 : Vulnerability in Vasion Print Virtual Appliance Hosts and Application Affecting Root User Processes