CVE-2025-27644

High · LPE

Published: 05 March 2025

Modified: 03 November 2025
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0005 (15.9th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-27644 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 15.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-27644 is a local privilege escalation vulnerability (CWE-269) in Vasion Print, formerly known as PrinterLogic, affecting Virtual Appliance Host versions before 22.0.933 with Application versions before 20.0.2368. Designated as V-2024-007, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-03-05.

The vulnerability can be exploited by a local attacker who already holds low privileges on the affected system. Exploitation is low in complexity and requires no user interaction. A successful attack has high impact on confidentiality, integrity, and availability, resulting in full local privilege escalation.

Mitigation is achieved by upgrading to Virtual Appliance Host 22.0.933 or later with Application 20.0.2368 or later. Vendor and researcher advisories provide further details, including the PrinterLogic security bulletin at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm, Pierre Kim's analysis of related vulnerabilities at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html, and the Full Disclosure mailing list post at http://seclists.org/fulldisclosure/2025/Apr/18.

Vulnerability details

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Local Privilege Escalation V-2024-007.

CWE(s)

CWE-269 (Improper Privilege Management)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local privilege escalation vulnerability (CWE-269) directly enables T1068 by allowing a low-privileged local attacker to exploit the flaw for full system control.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-27639 · Same product: Printerlogic Vasion Print
CVE-2025-27677 · Same product: Printerlogic Vasion Print
CVE-2025-27646 · Same product: Printerlogic Vasion Print
CVE-2025-27682 · Same product: Printerlogic Vasion Print
CVE-2025-27669 · Same product: Printerlogic Vasion Print
CVE-2025-27668 · Same product: Printerlogic Vasion Print
CVE-2025-27648 · Same product: Printerlogic Vasion Print
CVE-2025-27664 · Same product: Printerlogic Vasion Print
CVE-2025-27671 · Same product: Printerlogic Vasion Print
CVE-2025-27651 · Same product: Printerlogic Vasion Print

Affected Assets

printerlogic · vasion print · ≤ 20.0.2368
printerlogic · virtual appliance · ≤ 22.0.933

Mitigating Controls (NIST 800-53 r5)

prevent

Directly mitigates the local privilege escalation by requiring timely remediation through patching to Virtual Appliance Host 22.0.933 or later with Application 20.0.2368 or later.

prevent

Enforces least privilege for users and processes on the system, preventing low-privileged local attackers from escalating to higher privileges despite the vulnerability.

prevent

Requires enforcement of approved access authorizations, countering unauthorized privilege changes attempted via the local escalation vulnerability.
