TROYANOSYVIRUS
Voltar para CVEs

CVE-2025-34197

HIGH
7.8

Descricao

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 (VA and SaaS deployments) contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges (ubuntu ALL=(ALL) NOPASSWD: ALL). Anyone who knows the hardcoded password can obtain root privileges via local console or equivalent administrative access, enabling local privilege escalation. This vulnerability has been identified by the vendor as: V-2024-010 — Hardcoded Linux Password. NOTE: The patch for this vulnerability is reported to be incomplete: /etc/shadow was remediated but /etc/sudoers remains vulnerable.

Detalhes CVE

Pontuacao CVSS v3.17.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado9/19/2025
Ultima modificacao10/2/2025
Fontenvd
Avistamentos honeypot0

Produtos afetados

vasion:virtual_appliance_applicationvasion:virtual_appliance_host

Fraquezas (CWE)

CWE-798

Referencias

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm(disclosure@vulncheck.com)
https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm(disclosure@vulncheck.com)
https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-hardcoded-password-ubuntu(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/vasion-print-printerlogic-undocumented-local-account-with-hardcoded-password-and-passwordless-sudo(disclosure@vulncheck.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.