CVE-2025-27683

High

Published: 05 March 2025

Published

05 March 2025

Modified

03 November 2025

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0039 60.2th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-27683 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 39.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-9 (Information Input Restrictions).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly requires validation of uploaded driver files to ensure only safe types and content are accepted, preventing unrestricted upload of dangerous files.

SI-9 Information Input Restrictions good match

prevent

Restricts the types of files that can be input to the virtual appliance, blocking dangerous driver uploads at the entry point.

SI-3 Malicious Code Protection partial match

preventdetect

Deploys malicious code protection at system entry points to scan and block potentially harmful uploaded drivers.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1105 Ingress Tool Transfer Command And Control

Adversaries may transfer tools or other files from an external system into a compromised environment.

attack.mitre.org →

Why these techniques?

Unrestricted file upload vulnerability (CWE-434) in a network-accessible application directly enables remote exploitation of a public-facing app (T1190) and allows transfer of malicious driver files into the target environment (T1105).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Driver Unrestricted Upload of File with Dangerous Type V-2022-006.

Deeper analysisAI

CVE-2025-27683 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions before 1.0.735 Application 20.0.1330. The vulnerability enables unrestricted upload of files with dangerous types, specifically drivers, and is classified under CWE-434 (Unrestricted Upload of File with Dangerous Type). Published on 2025-03-05, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting high severity due to network accessibility, low attack complexity, and significant impacts on confidentiality, integrity, and availability.

An authenticated attacker with low privileges can exploit this vulnerability remotely over the network without requiring user interaction. Exploitation allows uploading malicious driver files, potentially leading to high-impact compromise of the affected system, including unauthorized access, modification, or disruption.

Official mitigation guidance recommends upgrading to Virtual Appliance Host 1.0.735 Application 20.0.1330 or later. Additional details are provided in security bulletins at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm, Pierre Kim's advisory at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html, and Full Disclosure mailing list entry at http://seclists.org/fulldisclosure/2025/Apr/18.

Details

CWE(s): CWE-434

Affected Products

printerlogic

vasion print

≤ 20.0.1330

printerlogic

virtual appliance

≤ 1.0.735

CVEs Like This One

CVE-2025-27642Same product: Printerlogic Vasion Print

CVE-2025-27651Same product: Printerlogic Vasion Print

CVE-2025-27649Same product: Printerlogic Vasion Print

CVE-2025-27668Same product: Printerlogic Vasion Print

CVE-2025-27641Same product: Printerlogic Vasion Print

CVE-2025-27657Same product: Printerlogic Vasion Print

CVE-2025-27665Same product: Printerlogic Vasion Print

CVE-2025-27675Same product: Printerlogic Vasion Print

CVE-2025-27659Same product: Printerlogic Vasion Print

CVE-2025-27664Same product: Printerlogic Vasion Print

References

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm
Vendor Advisory · cve@mitre.org
https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html
cve@mitre.org
http://seclists.org/fulldisclosure/2025/Apr/18
af854a3a-2127-422b-91ae-364da2661108