CVE-2025-27671
Published: 05 March 2025
Summary
CVE-2025-27671 is a critical-severity Authentication Bypass by Spoofing (CWE-290) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 40.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 IA-3 (Device Identification and Authentication) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires systems to identify and authenticate devices before establishing connections, preventing attackers from impersonating legitimate devices.
Mandates timely remediation of identified flaws, such as upgrading to the patched version that fixes this device impersonation vulnerability.
Enforces access control policies based on proper identification and authentication, limiting unauthorized actions by impersonated devices.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a remote unauthenticated authentication bypass via device spoofing in a network-accessible print management appliance, directly enabling exploitation of public-facing applications for initial access.
NVD Description
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Device Impersonation OVE-20230524-0015.
Deeper analysisAI
CVE-2025-27671 is a device impersonation vulnerability, tracked as OVE-20230524-0015 and mapped to CWE-290 (Authentication Bypass by Spoofing), affecting Vasion Print (formerly PrinterLogic) in versions prior to Virtual Appliance Host 22.0.843 Application 20.0.1923. Published on 2025-03-05, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), classifying it as critical due to its potential for severe impact across the confidentiality, integrity, and availability triads.
Remote, unauthenticated attackers can exploit this vulnerability over the network with low complexity and no user interaction. By impersonating legitimate devices, attackers gain unauthorized access, enabling high-impact compromise of the affected appliance, including potential data exfiltration, modification, or disruption of print management services.
Mitigation guidance is available in the vendor's security bulletins at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm. Affected deployments should upgrade to Virtual Appliance Host 22.0.843 Application 20.0.1923 or later to address the issue.
Details
- CWE(s)