Hardcoded Encryption Keys in Vasion Print Virtual Appliance Affecting PrinterLogic
CVE-2025-34234
9.2CRITICAL
Key Information:
- Vendor
Vasion
- Vendor
- CVE Published:
- 29 September 2025
What is CVE-2025-34234?
The Vasion Print Virtual Appliance Host and Application prior to certain versions contain hardcoded private keys in clear text, which are utilized for AES-256-CBC encryption of sensitive identifiers. These keys are embedded in the application containers and can be exposed if an attacker accesses the Docker image or configuration files, potentially leading to unauthorized decryption of sensitive data. While this vulnerability has been acknowledged as remediated, the timeline for the patch's introduction remains unclear.
Affected Version(s)
Print Application * < 25.1.1413
Print Virtual Appliance Host * < 25.1.102