CVE-2025-27657
Published: 05 March 2025
Summary
CVE-2025-27657 is a critical-severity Code Injection (CWE-94) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 17.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SC-7 (Boundary Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the unauthenticated RCE vulnerability by requiring timely installation of vendor patches as detailed in security bulletins for affected Vasion Print versions.
Prevents remote exploitation by enforcing boundary protections that restrict network access to the vulnerable virtual appliance from untrusted sources.
Identifies the presence of the vulnerable PrinterLogic appliance version through regular vulnerability scanning, enabling prioritization of remediation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
This is a remote unauthenticated code execution vulnerability (CWE-94) in a public-facing application (Vasion Print/PrinterLogic appliance), directly mapping to T1190 Exploit Public-Facing Application for initial access and arbitrary code execution.
NVD Description
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Code Execution V-2023-008.
Deeper analysisAI
CVE-2025-27657 is a remote code execution vulnerability (CWE-94) affecting Vasion Print, formerly known as PrinterLogic, in versions before Virtual Appliance Host 22.0.843 Application 20.0.1923. Designated as V-2023-008, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for severe impact.
The vulnerability enables an unauthenticated attacker with network access to exploit it remotely with low attack complexity and no user interaction required. Successful exploitation grants high-impact access to confidentiality, integrity, and availability, allowing arbitrary code execution on the affected appliance.
Vendor security bulletins, available at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm, along with Pierre Kim's disclosure of 83 related vulnerabilities at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html and the Full Disclosure mailing list entry at http://seclists.org/fulldisclosure/2025/Apr/18, provide further details on patches and mitigation steps.
Details
- CWE(s)