CVE-2025-34200
Published: 19 September 2025
Summary
CVE-2025-34200 is a high-severity Cleartext Storage of Sensitive Information (CWE-312) vulnerability in Vasion Virtual Appliance Application. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001). The CVE ranks at the 10.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog. A public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-30260
Vulnerability details
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to obtain the network account username and password. Using the network account, an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.
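A defender-side check for the condition described above, as an added example that is not part of the original advisory or the vendor's code. The function names `audit_banner` and `audit_demo` are hypothetical, the credential pattern is an assumption because the page does not show how the credentials are laid out in /etc/issue, and the sample banner is constructed.

```shell
#!/bin/sh
# Added example: audit a login-banner file for cleartext credentials.
# Return codes: 0 clean, 1 credential-like text in a world-readable file,
# 2 credential-like text in a file that is not world-readable, 3 file missing.

# ASSUMPTION: the page does not show how the credentials are laid out in
# /etc/issue, so this matches generic "keyword: value" / "keyword=value" pairs.
CRED_RE='(pass(word|wd)?|pwd|user(name)?|login)[[:space:]]*[:=][[:space:]]*[^[:space:]]+'

audit_banner() {
    f=${1:-/etc/issue}
    [ -r "$f" ] || { echo "SKIP $f: missing or unreadable"; return 3; }

    # Keep line numbers only, so the secret is never copied into logs or tickets.
    hits=$(grep -Ein "$CRED_RE" "$f" | cut -d: -f1 | tr '\n' ' ')
    [ -n "$hits" ] || { echo "OK   $f: no credential-like text"; return 0; }

    # -perm -004 is true when the "other" read bit is set; -L follows symlinks.
    if [ -n "$(find -L "$f" -prune -perm -004 2>/dev/null)" ]; then
        echo "FAIL $f: world-readable, credential-like text on line(s) $hits"
        return 1
    fi
    echo "WARN $f: credential-like text on line(s) $hits(not world-readable)"
    return 2
}

# Dry run against a constructed banner (not real appliance output).
audit_demo() {
    d=$(mktemp -d) || return 3
    printf 'Appliance console\nusername: netadmin\npassword: Example123\n' > "$d/issue"
    chmod 644 "$d/issue"
    audit_banner "$d/issue"; rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Source the file and call `audit_banner` with no argument to check /etc/issue. A return code of 1 corresponds to the exposure this CVE describes, and 2 means the file mode was tightened but the credentials are still stored in clear text.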
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability exposes network account credentials in clear-text within the world-readable /etc/issue file, enabling attackers with local access to steal credentials from files (T1552.001). These credentials facilitate network misconfiguration or escalation.
Affected Assets
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Training on secure data handling discourages cleartext storage of sensitive information.
Data action mapping can detect storage actions that leave sensitive information in cleartext.
Configuration policies can mandate secure storage methods to avoid cleartext storage of sensitive information.
Policy requires protection measures such as encryption for sensitive data stored on media, preventing cleartext exposure.
Key-management policy requires protected storage of key material, preventing cleartext storage of sensitive cryptographic keys.
Requiring confidentiality protection for information at rest eliminates cleartext storage of sensitive data on persistent media.
Reduces cleartext storage of sensitive data when OPSEC identifies and mandates protection of key information artifacts.