Credentials Exposure in Vasion Print by PrinterLogic
CVE-2025-34210

9.4CRITICAL

Key Information:

Vendor

Vasion

Status
Print Virtual Appliance Host
Print Application
Vendor
CVE Published:
2 October 2025

What is CVE-2025-34210?

The Vasion Print Virtual Appliance and its SaaS deployments by PrinterLogic are susceptible to a serious credentials exposure issue. Sensitive information, including database passwords, MySQL root passwords, SaaS keys, and Portainer admin passwords, is stored in cleartext files that can be accessed by any local user or process capable of reading the host filesystem. This oversight poses a significant risk, as it allows for the potential theft of credentials, leading to a complete compromise of the appliance. Although the vendor cites a shared responsibility model requiring administrators to implement persistent storage encryption, the existing risk remains critical and should not be overlooked.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Print Application *

Print Virtual Appliance Host *

References

https://pierrekim.github.io/blog/2025-04-08-vasion-printe...
technical-description
https://help.printerlogic.com/va/Print/Security/Security-...
vendor-advisorypatch
https://help.printerlogic.com/saas/Print/Security/Securit...
vendor-advisorypatch

CVSS V4

Score:
9.4
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Pierre Barre
JSON
.