Cyber Resilience

CVE-2025-27678

Critical · RCE

Published: 05 March 2025

Modified: 03 November 2025
KEV Added
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0379 (88.3rd percentile)
Risk Priority: 22 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-27678 is a critical-severity Code Injection (CWE-94) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks in the top 11.7% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

Vasion Print, formerly known as PrinterLogic, is affected by CVE-2025-27678, a client-side remote code execution flaw present in versions prior to Virtual Appliance Host 22.0.843 and Application 20.0.1923. The vulnerability is tracked under CWE-94 and carries a CVSS 3.1 score of 9.8, reflecting a network-accessible issue with no required authentication or user interaction that can fully compromise confidentiality, integrity, and availability.

An unauthenticated attacker can exploit the flaw over the network to achieve arbitrary code execution on the client, enabling full control of the affected system without any prior credentials or user assistance.

Vendor guidance published at the PrinterLogic security bulletins page directs customers to upgrade to the fixed releases; independent analyses and disclosure lists corroborate the same version thresholds as the remediation path.

EPSS for the CVE rose from lower values to a peak of 0.0708 on 2026-05-20 before receding to the current 0.0379, indicating a measurable increase in exploitation interest after public disclosure.

Vulnerability details

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Client Remote Code Execution V-2023-001.

CWE(s)

CWE-94 (Code Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1203 Exploitation for Client Execution (Tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
Why these techniques?

The CVE describes an unauthenticated client-side remote code execution vulnerability (CWE-94) in Vasion Print that allows remote attackers to execute arbitrary code on affected clients with no user interaction, directly mapping to Exploitation for Client Execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-27657 · Same product: Printerlogic Vasion Print
CVE-2025-27646 · Same product: Printerlogic Vasion Print
CVE-2025-27668 · Same product: Printerlogic Vasion Print
CVE-2025-27648 · Same product: Printerlogic Vasion Print
CVE-2025-27671 · Same product: Printerlogic Vasion Print
CVE-2025-27670 · Same product: Printerlogic Vasion Print
CVE-2025-27656 · Same product: Printerlogic Vasion Print
CVE-2025-27652 · Same product: Printerlogic Vasion Print
CVE-2025-27665 · Same product: Printerlogic Vasion Print
CVE-2025-27640 · Same product: Printerlogic Vasion Print

Affected Assets

Vendor: printerlogic · Product: vasion print · Version: ≤ 20.0.1923
Vendor: printerlogic · Product: virtual appliance · Version: ≤ 22.0.843

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

Prevent: Directly requires timely remediation of known flaws like CVE-2025-27678 through vendor patches to Virtual Appliance Host 22.0.843 and Application 20.0.1923.

Detect: Mandates vulnerability scanning and monitoring to identify systems running vulnerable versions of Vasion Print affected by this unauthenticated RCE.

Prevent: Enforces input validation to block code injection (CWE-94) exploits enabling remote code execution on Vasion Print clients.
