CVE-2025-34206
Published: 19 September 2025
Summary
CVE-2025-34206 is a critical-severity Cleartext Storage of Sensitive Information (CWE-312) vulnerability in Vasion Virtual Appliance Application. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Services File Permissions Weakness (T1574.010); ranked at the 37.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Prevents unauthorized and unintended information transfer via shared system resources like the /var/www/efs_storage mount accessible across multiple Docker containers.
Enforces least privilege to limit container access to only necessary sensitive files such as secrets.env and MySQL keys, countering overly permissive permissions.
Enforces approved authorizations for logical access to shared filesystem resources, directly mitigating exposure and modification of configuration secrets in Docker environments.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Overly permissive filesystem permissions on shared host storage (/var/www/efs_storage) mounted into Docker containers enable abuse of file system permissions (T1044), theft of web session cookies from session files (T1506), unsecured credentials and private keys from files like secrets.env and MySQL/GPG keys (T1552.001, T1552.004), and container escape to host via misconfigured volume mounts (T1611).
NVD Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) mount host configuration and secret material under /var/www/efs_storage into many Docker containers with overly-permissive filesystem permissions. Files such as secrets.env, GPG-encrypted blobs in .secrets, MySQL client keys,…
more
and application session files are accessible from multiple containers. An attacker who controls or reaches any container can read or modify these artifacts, leading to credential theft, RCE via Laravel APP_KEY, Portainer takeover, and full compromise.
Deeper analysisAI
CVE-2025-34206 is a critical vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application, affecting both VA and SaaS deployments. It stems from the mounting of host configuration and secret material under /var/www/efs_storage into numerous Docker containers using overly-permissive filesystem permissions. This exposure includes sensitive files such as secrets.env, GPG-encrypted blobs in .secrets, MySQL client keys, and application session files, which become accessible across multiple containers. The issue is classified under CWE-312 (Cleartext Storage of Sensitive Information) and CWE-732 (Incorrect Permission Assignment for Critical Resource), with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
An attacker who gains control of or reaches any affected Docker container can read or modify these exposed artifacts. Potential impacts include credential theft, remote code execution through manipulation of the Laravel APP_KEY, takeover of Portainer for container orchestration, and full compromise of the environment. The vulnerability requires no privileges or user interaction and is exploitable over the network with low complexity.
Vendor security bulletins for SaaS and VA deployments provide mitigation details at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm and https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm. Further technical analysis, including this vulnerability within a set of 83 flaws, is documented by Pierre Kim at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-insecure-security-architecture and VulnCheck at https://www.vulncheck.com/advisories/vasion-print-printerlogic-insecure-shared-storage-permissions.
Details
- CWE(s)