CVE-2025-27678
Published: 05 March 2025
Summary
CVE-2025-27678 is a critical-severity Code Injection (CWE-94) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked in the top 10.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires timely remediation of known flaws like CVE-2025-27678 through vendor patches to Virtual Appliance Host 22.0.843 and Application 20.0.1923.
Mandates vulnerability scanning and monitoring to identify systems running vulnerable versions of Vasion Print affected by this unauthenticated RCE.
Enforces input validation to block code injection (CWE-94) exploits enabling remote code execution on Vasion Print clients.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The CVE describes an unauthenticated client-side remote code execution vulnerability (CWE-94) in Vasion Print that allows remote attackers to execute arbitrary code on affected clients with no user interaction, directly mapping to Exploitation for Client Execution.
NVD Description
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Client Remote Code Execution V-2023-001.
Deeper analysisAI
CVE-2025-27678 is a client remote code execution vulnerability (CWE-94) in Vasion Print, formerly known as PrinterLogic, affecting versions before Virtual Appliance Host 22.0.843 and Application 20.0.1923. Published on 2025-03-05, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for severe impact without authentication or user interaction.
Unauthenticated remote attackers can exploit this vulnerability over the network with low complexity. Successful exploitation enables remote code execution on affected clients, compromising confidentiality, integrity, and availability to a high degree.
Mitigation requires upgrading to Virtual Appliance Host 22.0.843 Application 20.0.1923 or later. Additional details on patches and advisories are provided in PrinterLogic's security bulletins at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm, Pierre Kim's analysis of 83 related vulnerabilities at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html, and the Full Disclosure mailing list entry at http://seclists.org/fulldisclosure/2025/Apr/18.
Details
- CWE(s)