← Zuruck zu CVEs

CVE-2025-34192

CRITICAL

9.8

Beschreibung

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL 1.0.2h-fips (released May 2016), which has been end-of-life since 2019 and is no longer supported by the OpenSSL project. Continued use of this outdated cryptographic library exposes deployments to known vulnerabilities that are no longer patched, weakening the overall security posture. Affected daemons may emit deprecation warnings and rely on cryptographic components with unresolved security flaws, potentially enabling attackers to exploit weaknesses in TLS/SSL processing or cryptographic operations. This vulnerability has been identified by the vendor as: V-2023-021 — Out-of-Date OpenSSL Library.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht9/19/2025

Zuletzt geandert10/2/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

apple:macoslinux:linux_kernelvasion:virtual_appliance_applicationvasion:virtual_appliance_host

Schwachen (CWE)

CWE-1104

Referenzen

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm(disclosure@vulncheck.com)

https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm(disclosure@vulncheck.com)

https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-outdated-openssl(disclosure@vulncheck.com)

https://www.vulncheck.com/advisories/vasion-print-printerlogic-usage-of-outdated-and-unsupported-openssl-version(disclosure@vulncheck.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.