Unrated severityNVD Advisory· Published Sep 29, 2025· Updated Nov 17, 2025

Vasion Print (formerly PrinterLogic) Weak SSL/TLS Certificate Validation RCE

CVE-2025-34235

Description

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can intercept HTTPS traffic can then inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges; a local attacker can achieve local privilege escalation via a junction‑point DLL injection. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.

Affected products

Oracle Corporation/Applicationsllm-fuzzy
Range: <25.1.1413
Vasion/Virtual Appliance Hostllm-fuzzy
Range: <25.1.102
Vasion/Print Applicationv5
Range: *
Vasion/Print Virtual Appliance Hostv5
Range: *

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

help.printerlogic.com/saas/Print/Security/Security-Bulletins.htmmitrevendor-advisorypatch
help.printerlogic.com/va/Print/Security/Security-Bulletins.htmmitrevendor-advisorypatch
www.vulncheck.com/advisories/vasion-print-printerlogic-weak-ssl-tls-certificate-validation-rcemitrethird-party-advisory
pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.htmlmitretechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000