CVE-2025-27657
Published: 05 March 2025
Summary
CVE-2025-27657 is a critical-severity Code Injection (CWE-94) vulnerability in PrinterLogic Vasion Print. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 17.9% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SC-7 (Boundary Protection).
Deeper analysis
Vasion Print, formerly known as PrinterLogic, is affected by CVE-2025-27657, a remote code execution flaw present in versions prior to Virtual Appliance Host 22.0.843 and Application 20.0.1923. The issue is tracked internally as V-2023-008 and is classified under CWE-94, indicating improper control over code generation that permits an attacker to inject and execute arbitrary code.
An unauthenticated attacker with network access can exploit the vulnerability without user interaction or credentials, achieving full compromise of confidentiality, integrity, and availability on the affected print management server. The CVSS 3.1 score of 9.8 reflects the low attack complexity and the potential for complete system takeover.
Vendor guidance published in the PrinterLogic security bulletin directs customers to upgrade to the fixed Virtual Appliance Host 22.0.843 and Application 20.0.1923 releases. Additional technical details and reproduction information appear in the April 2025 disclosure by Pierre Kim and the associated Full Disclosure mailing list post.
EPSS for the CVE rose from a low baseline to a peak of 0.0307 before settling at 0.0160, indicating measurable post-disclosure interest in exploitation.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-6061
Vulnerability details
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Code Execution V-2023-008.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
This is a remote unauthenticated code execution vulnerability (CWE-94) in a public-facing application (Vasion Print/PrinterLogic appliance), directly mapping to T1190 Exploit Public-Facing Application for initial access and arbitrary code execution.
Mitigating Controls (NIST 800-53 r5)
Directly mitigates the unauthenticated RCE vulnerability by requiring timely installation of vendor patches as detailed in security bulletins for affected Vasion Print versions.
Prevents remote exploitation by enforcing boundary protections that restrict network access to the vulnerable virtual appliance from untrusted sources.
Identifies the presence of the vulnerable PrinterLogic appliance version through regular vulnerability scanning, enabling prioritization of remediation.