Cyber Resilience

CVE-2025-34210

CriticalPublic PoC

Published: 02 October 2025

Published
02 October 2025
Modified
09 October 2025
KEV Added
Patch
CVSS Score v4 9.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0002 6.5th percentile
Risk Priority 19 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-34210 is a critical-severity Plaintext Storage of a Password (CWE-256) vulnerability in Vasion Virtual Appliance Application. Its CVSS base score is 9.4 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Services File Permissions Weakness (T1574.010); ranked at the 6.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store a large number of sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) in cleartext files that are world-readable. Any local user - or…

more

any process that can read the host filesystem - can retrieve all of these secrets in plain text, leading to credential theft and full compromise of the appliance. The vendor does not consider this to be a security vulnerability as this product "follows a shared responsibility model, where administrators are expected to configure persistent storage encryption."

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1574.010 Services File Permissions Weakness Stealth
Adversaries may execute their own malicious payloads by hijacking the binaries used by services.
T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Why these techniques?

Vulnerability stores sensitive credentials (e.g., database passwords, MySQL root, SaaS keys) in plaintext world-readable files, enabling exploitation of file system permissions weaknesses (T1044) to steal unsecured credentials from files (T1552.001).

Affected Assets

vasion
virtual appliance application
all versions
vasion
virtual appliance host
all versions

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-256

Protection of passwords and credentials at rest forces encryption or equivalent controls instead of plaintext storage.

References