CVE-2025-34217
Published: 30 September 2025
Summary
CVE-2025-34217 is a critical-severity Use of Hard-coded Cryptographic Key (CWE-321) vulnerability in the Vasion Virtual Appliance Application. Its CVSS 3.1 base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Remote Services: SSH (T1021.004). The CVE is ranked at the 40.6th percentile for exploit likelihood (below the median), is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST SP 800-53 AC-2 (Account Management) and AC-6 (Least Privilege).
Deeper analysis
CVE-2025-34217 is a critical vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application, affecting VA/SaaS deployments. It stems from an undocumented 'printerlogic' user account that ships with a hardcoded SSH public key in ~/.ssh/authorized_keys, combined with a sudoers rule granting the printerlogic_ssh group NOPASSWD: ALL. Because the public key is baked into the image, the matching private key is one shared secret across every appliance that carries it: whoever holds that key can log in as 'printerlogic' over SSH and then run sudo to obtain root without a password prompt. The issue is rated CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-321 (Use of Hard-coded Cryptographic Key).
A remote attacker (AV:N) who holds the private key needs no prior privileges (PR:N), no user interaction (UI:N) and no special conditions (AC:L); the only practical precondition is that the appliance's SSH service is reachable from the attacker's network position. The resulting root shell yields high impact on confidentiality, integrity and availability (C:H/I:H/A:H), which is full compromise of the affected appliance. The public half in authorized_keys is not itself secret; the exposure lies entirely in the private half, which the operator never issued and can only revoke by removing the authorized_keys entry and the sudoers rule.
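As an added example (this is not Vasion's code and not material from the referenced advisory), the following Python audit helper looks for the three ingredients of this chain on a Linux appliance image or configuration export: an account the operator never provisioned, an authorized_keys entry that trusts a key the operator cannot account for, and a sudoers rule that grants 'NOPASSWD: ALL' to that account or one of its groups. It reports the complete key-to-root path as CRITICAL only when all three line up. The inputs are constructed samples embedded in the block: the ed25519 key is a syntactically valid but fake blob with no private half, and every account, group and file name other than 'printerlogic' and 'printerlogic_ssh' is hypothetical. On a real host you would feed it /etc/passwd, /etc/group, each user's ~/.ssh/authorized_keys and the concatenation of /etc/sudoers and /etc/sudoers.d/*.

```python
"""Audit helper for the CVE-2025-34217 pattern (hard-coded SSH trust plus a
passwordless sudo rule).  Added example, not Vasion's code; inputs are constructed."""
import base64
import binascii
import hashlib
import re
import struct

def _fake_ed25519_pubkey():
    # Syntactically valid ssh-ed25519 key built from a fixed byte pattern:
    # NOT the vendor's key, and no private half exists for it.
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

# Constructed sample host data; only 'printerlogic'/'printerlogic_ssh' come from the advisory.
SAMPLE_PASSWD = ("root:x:0:0:root:/root:/bin/bash\n"
                 "printerlogic:x:1001:1001::/home/printerlogic:/bin/bash\n"
                 "www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin\n")
SAMPLE_GROUP = "sudo:x:27:\nprinterlogic_ssh:x:1002:printerlogic\n"
SAMPLE_AUTHORIZED_KEYS = {"/home/printerlogic/.ssh/authorized_keys":
                          _fake_ed25519_pubkey() + " support\n"}
SAMPLE_SUDOERS = ("Defaults env_reset\n"
                  "root ALL=(ALL:ALL) ALL\n"
                  "%sudo ALL=(ALL:ALL) ALL\n"
                  "%printerlogic_ssh ALL=(ALL) NOPASSWD: ALL\n"
                  "%backup ALL=(ALL) NOPASSWD: /usr/bin/rsync\n")
APPROVED_ACCOUNTS = {"root"}  # accounts the operator knowingly provisioned

# who host=(runas) TAG: commands  -- simplified sudoers user-spec grammar
SUDOERS_RE = re.compile(r"^\s*(?P<who>%?[\w.-]+)\s+\S+\s*=\s*(?:\([^)]*\)\s*)?"
                        r"(?P<tags>(?:[A-Z]+:\s*)*)(?P<cmds>.+?)\s*$")
KEY_TYPE_RE = re.compile(r"ssh-(rsa|ed25519|dss)|ecdsa-sha2-nistp\d+|sk-[\w@.-]+")

def parse_passwd(text):
    """name -> (home, shell) from /etc/passwd-style text."""
    rows = [l.split(":") for l in text.splitlines() if l and not l.startswith("#")]
    return {r[0]: (r[5], r[6]) for r in rows}

def parse_group(text):
    """group -> set of supplementary members from /etc/group-style text."""
    rows = [l.split(":") for l in text.splitlines() if l and not l.startswith("#")]
    return {r[0]: {m for m in r[3].split(",") if m} for r in rows}

def ssh_key_fingerprint(entry):
    """(declared type, 'SHA256:...') for one authorized_keys line, else None.
    Rejects entries whose base64 blob does not embed the key type they declare."""
    fields = entry.split()
    for i, tok in enumerate(fields[:-1]):
        if not KEY_TYPE_RE.fullmatch(tok):
            continue
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except (binascii.Error, ValueError):
            return None
        if len(blob) < 4 or blob[4:4 + struct.unpack(">I", blob[:4])[0]] != tok.encode():
            return None
        return tok, "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return None

def nopasswd_all_principals(sudoers_text):
    """Users ('name') and groups ('%name') that may run ALL commands with NOPASSWD."""
    hits = []
    for line in sudoers_text.splitlines():
        m = SUDOERS_RE.match(line) if line.strip() and not line.lstrip().startswith("#") else None
        if m and "NOPASSWD:" in m["tags"] and m["cmds"] == "ALL":
            hits.append(m["who"])
    return hits

def audit(passwd, group, authorized_keys, sudoers, approved):
    """Human-readable findings; 'CRITICAL' marks a complete key-to-root chain."""
    users, groups, findings = parse_passwd(passwd), parse_group(group), []
    for name, (_home, shell) in users.items():
        if name not in approved and not shell.endswith(("nologin", "false")):
            findings.append(f"passwd: undocumented interactive account {name!r} ({shell})")
    root_principals = nopasswd_all_principals(sudoers)
    findings += [f"sudoers: {w} may run ANY command as root with no password" for w in root_principals]
    for path, contents in authorized_keys.items():
        owner = next((u for u, (home, _) in users.items() if path.startswith(home.rstrip("/") + "/")), None)
        as_root = owner in root_principals or any(
            "%" + g in root_principals for g, members in groups.items() if owner in members)
        for entry in contents.splitlines():
            key = ssh_key_fingerprint(entry)
            if key is None:
                continue
            status = "approved" if owner in approved else "undocumented"
            findings.append(f"ssh: {status} account {owner!r} trusts {key[0]} key {key[1]}")
            if owner not in approved and as_root:  # key -> login -> group -> NOPASSWD: ALL -> root
                findings.append(f"CRITICAL: holder of {key[1]} reaches root via {owner!r} with no password")
    return findings
```

Running audit() on the samples yields four findings: the undocumented interactive account, the group-wide passwordless root rule, the trusted key on that account, and the CRITICAL chain that joins them. The fingerprint routine also checks that the base64 blob embeds the type it declares, so a mangled entry is rejected rather than reported with a misleading fingerprint. In practice you compare the SHA256 fingerprints it prints against the keys you can account for, remove any entry nobody can justify, and delete or narrow the 'NOPASSWD: ALL' rule (via visudo) to specific password-protected commands; re-run until no CRITICAL finding remains.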
PrinterLogic's security bulletins for SaaS and VA deployments detail the mitigations at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm and https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm. Additional analysis, which covers this issue as one of 83 vulnerabilities, is available in Pierre Kim's advisory at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-undocumented-hardcoded-ssh-key.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-31730
Vulnerability details
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) contain an undocumented 'printerlogic' user with a hardcoded SSH public key in '~/.ssh/authorized_keys' and a sudoers rule granting the printerlogic_ssh group 'NOPASSWD: ALL'. Possession of the matching private key gives an attacker root access to the appliance.
- CWE(s): CWE-321 (Use of Hard-coded Cryptographic Key)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The hardcoded SSH public key for the undocumented 'printerlogic' user, combined with the sudo NOPASSWD: ALL rule, gives remote access over SSH (Remote Services: SSH, T1021.004) using what amounts to a vendor-supplied default credential (Valid Accounts: Default Accounts, T1078.001), followed by escalation to root through sudo (Abuse Elevation Control Mechanism: Sudo and Sudo Caching, T1548.003).
Affected Assets
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application, in VA and SaaS deployments.
Mitigating Controls (NIST 800-53 r5)
AC-2 (Account Management) requires that every account be identified, authorized, provisioned and periodically reviewed; an account inventory reconciled against what the vendor documents would surface an undocumented 'printerlogic' login and its printerlogic_ssh group membership.
IA-5 (Authenticator Management) requires authenticators to be managed and protected through their whole lifecycle, which rules out a fixed, vendor-wide SSH key pair whose public half is baked into ~/.ssh/authorized_keys and whose private half the operator neither issued nor can rotate.
AC-6 (Least Privilege) limits each principal to the access its role needs; a sudoers rule granting 'NOPASSWD: ALL' to the printerlogic_ssh group is the opposite of that, and should be removed or narrowed to specific, password-protected commands.