CVE-2025-27647
Published: 05 March 2025
Description
Adversaries may create a local account to maintain access to victim systems.
Security Summary
CVE-2025-27647 is a critical authentication bypass vulnerability (CWE-306: Missing Authentication for Critical Function) in Vasion Print, formerly known as PrinterLogic, affecting versions prior to Virtual Appliance Host 22.0.913 Application 20.0.2253. The flaw allows unauthenticated attackers to add partial admin users without proper authentication checks, earning a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). It was published on 2025-03-05.
Remote attackers require no privileges or user interaction to exploit this over the network with low complexity. Successful exploitation enables the creation of partial admin accounts, potentially granting high-impact unauthorized access to confidentiality, integrity, and availability of the affected appliance, leading to full system compromise.
Vendor security bulletins and advisories, including those at https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm, detail mitigation through upgrading to Virtual Appliance Host 22.0.913 Application 20.0.2253 or later. Additional analysis is available in Pierre Kim's disclosure at https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html and Full Disclosure mailing list at http://seclists.org/fulldisclosure/2025/Apr/18.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Authentication bypass in public-facing Vasion Print appliance directly enables remote exploitation of the application (T1190) to create unauthorized local admin accounts (T1136.001) without credentials.