Cyber Resilience

CVE-2025-27685

High

Published: 05 March 2025

Published
05 March 2025
Modified
03 November 2025
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0008 23.4th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-27685 is a high-severity Cleartext Storage of Sensitive Information (CWE-312) vulnerability in Printerlogic Vasion Print. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Private Keys (T1552.004); ranked at the 23.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SC-28 (Protection of Information at Rest).

Deeper analysis

CVE-2025-27685 is a vulnerability in Vasion Print, formerly known as PrinterLogic, affecting versions before Virtual Appliance Host 1.0.735 Application 20.0.1330. It involves a configuration file that exposes a Certificate Authority (CA) certificate and private key, corresponding to CWE-312 (Cleartext Storage of Sensitive Information). The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), highlighting high confidentiality impact with network-based exploitation potential.

Unauthenticated attackers with network access can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows remote retrieval of the configuration file, yielding the CA certificate and private key, which could facilitate subsequent attacks like impersonation or interception of print-related communications.

Mitigation requires updating to Virtual Appliance Host 1.0.735 Application 20.0.1330 or later. Vendor security bulletins are available at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm, alongside details in Pierre Kim's disclosure of 83 Vasion/PrinterLogic vulnerabilities at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html and the Full Disclosure mailing list at http://seclists.org/fulldisclosure/2025/Apr/18.

EU & UK References

Vulnerability details

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Configuration File Contains CA & Private Key V-2022-001.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1552.004 Private Keys Credential Access
Adversaries may search for private key certificate files on compromised systems for insecurely stored credentials.
Why these techniques?

The vulnerability exposes a CA certificate and private key in cleartext within a remotely retrievable configuration file, directly enabling adversaries to obtain private keys.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-27650Same product: Printerlogic Vasion Print
CVE-2025-27681Same product: Printerlogic Vasion Print
CVE-2025-27684Same product: Printerlogic Vasion Print
CVE-2025-27642Same product: Printerlogic Vasion Print
CVE-2025-27678Same product: Printerlogic Vasion Print
CVE-2025-27677Same product: Printerlogic Vasion Print
CVE-2025-27667Same product: Printerlogic Vasion Print
CVE-2025-27661Same product: Printerlogic Vasion Print
CVE-2025-27674Same product: Printerlogic Vasion Print
CVE-2025-27658Same product: Printerlogic Vasion Print

Affected Assets

printerlogic
vasion print
≤ 20.0.1330
printerlogic
virtual appliance
≤ 1.0.735

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires cryptographic mechanisms to protect confidentiality of sensitive information at rest, directly mitigating the cleartext storage of the CA certificate and private key in the configuration file.

prevent

Mandates establishment and implementation of secure configuration settings, preventing exposure of sensitive data like CA certificates and private keys in remotely accessible files.

prevent

Requires timely identification, reporting, and correction of system flaws, enabling deployment of the vendor patch that resolves the vulnerable configuration file exposure.

References