Unrated severityNVD Advisory· Published Sep 29, 2025· Updated Nov 17, 2025
Vasion Print (formerly PrinterLogic) Weak SSL/TLS Certificate Validation RCE
CVE-2025-34235
Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can intercept HTTPS traffic can then inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges; a local attacker can achieve local privilege escalation via a junction‑point DLL injection. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <25.1.1413
<25.1.102+ 1 more
- (no CPE)range: <25.1.102
- (no CPE)range: *
- Range: *
Patches
Vulnerability mechanics
References
4- help.printerlogic.com/saas/Print/Security/Security-Bulletins.htmmitrevendor-advisorypatch
- help.printerlogic.com/va/Print/Security/Security-Bulletins.htmmitrevendor-advisorypatch
- www.vulncheck.com/advisories/vasion-print-printerlogic-weak-ssl-tls-certificate-validation-rcemitrethird-party-advisory
- pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.htmlmitretechnical-description
News mentions
0No linked articles in our index yet.