CVE-2025-27681
Published: 05 March 2025
Summary
CVE-2025-27681 is a critical-severity Client-Side Enforcement of Server-Side Security (CWE-602) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 46.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Flaw remediation directly addresses CVE-2025-27681 by requiring timely patching of the vulnerable Vasion Print appliance to version 1.0.735 Application 20.0.1330.
Access enforcement ensures server-side security checks are properly implemented, countering the CWE-602 client-side enforcement mishandling that enables unauthenticated remote compromise.
Boundary protection limits network access to the appliance, mitigating the AV:N/AC:L attack vector for unauthenticated remote exploitation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a critical unauthenticated remote code execution flaw in a public-facing print server appliance (CWE-602 client-side security enforcement bypass), directly enabling exploitation of public-facing applications for initial access and full system compromise.
NVD Description
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004.
Deeper analysisAI
CVE-2025-27681 affects Vasion Print, formerly known as PrinterLogic, in versions before Virtual Appliance Host 1.0.735 Application 20.0.1330. The vulnerability stems from mishandling Client Inter-process Security V-2022-004, mapped to CWE-602 (Client-Side Enforcement of Server-Side Security). It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting critical severity due to its network vector, low complexity, lack of required privileges or user interaction, and high impacts across confidentiality, integrity, and availability.
An unauthenticated remote attacker can exploit this vulnerability over the network without privileges or user interaction. Exploitation enables high-level compromise of confidentiality, integrity, and availability, potentially allowing arbitrary code execution or full control over the affected appliance.
Vendor security bulletins provide mitigation guidance at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm. Additional details appear in Pierre Kim's analysis of 83 Vasion/PrinterLogic vulnerabilities at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html and the Full Disclosure mailing list at http://seclists.org/fulldisclosure/2025/Apr/18.
Details
- CWE(s)