CVE-2025-27649
Published: 05 March 2025
Summary
CVE-2025-27649 is a critical-severity Improper Access Control (CWE-284) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 32.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the CVE by identifying, reporting, and applying the vendor-recommended upgrade to Virtual Appliance Host 22.0.893 Application 20.0.2140 or later to remediate the access control flaw.
Enforces approved authorizations for logical access, directly countering the incorrect access control (CWE-284) that allows unauthenticated remote exploitation.
Monitors and controls communications at system boundaries to block remote unauthenticated access attempts exploiting the network-accessible vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The CVE describes an unauthenticated remote incorrect access control flaw (CWE-284) in a public-facing print management application with CVSS 9.8 (AV:N/PR:N), directly enabling initial access and full system compromise through exploitation of the exposed service.
NVD Description
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.893 Application 20.0.2140 allows Incorrect Access Control: PHP V-2023-016.
Deeper analysisAI
CVE-2025-27649 is an Incorrect Access Control vulnerability (CWE-284), identified as PHP V-2023-016, affecting Vasion Print (formerly PrinterLogic) in versions before Virtual Appliance Host 22.0.893 Application 20.0.2140. Published on 2025-03-05, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for severe impact.
Remote attackers require no authentication privileges, user interaction, or special conditions beyond network access and low attack complexity to exploit the vulnerability. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, potentially allowing full system control on affected appliances.
Vendor advisories, independent researcher disclosures, and related bulletins provide mitigation guidance, including upgrade instructions to Virtual Appliance Host 22.0.893 Application 20.0.2140 or later. Key references include the PrinterLogic (Vasion) security bulletins at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm, Pierre Kim's analysis of 83 Vasion/PrinterLogic vulnerabilities at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html, and the Full Disclosure mailing list entry at http://seclists.org/fulldisclosure/2025/Apr/18.
Details
- CWE(s)