Critical CVEs Discovered in Vasion Print (Formerly PrinterLogic) – RCEs and LPEs Exposed

Security researcher Pierre Barre “Kim” has disclosed 33 CVEs related to vulnerabilities in Vasion Print (previously PrinterLogic), with approximately 50 more pending assignment. The vulnerabilities include Remote Code Execution (RCE) and Local Privilege Escalation (LPE) flaws affecting the Virtual Appliance, Windows client, macOS client, and SaaS components.

List of CVEs:

  • CVE-2025-27637 to CVE-2025-27657
  • CVE-2025-27659
  • CVE-2025-27674 to CVE-2025-27685

A technical analysis is expected soon.

You Should Know: Securing Systems Against RCE and LPE Exploits

1. Detecting Vulnerable Vasion Print Instances

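Use Nmap to scan hosts you administer for exposed web services; the `vuln` script category runs Nmap's generic vulnerability checks against the listed ports: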

nmap -p 80,443,8080 --script vuln <target_IP>

2. Mitigating RCE Risks (Linux/Windows)

  • Linux: Restrict binary execution via chmod:
    chmod 750 /usr/bin/vasion-print 
    
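  • Windows: Apply strict AppLocker policies. New-AppLockerPolicy has no -Deny parameter and generates Allow rules, so change Action to "Deny" in the exported XML before applying it with Set-AppLockerPolicy:
    Get-AppLockerFileInformation -Path <executable_path> | New-AppLockerPolicy -RuleType Publisher,Path -User Everyone -Xml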
    

3. Preventing LPE Attacks

  • Linux: Use `sudo` restrictions, then check the syntax with `visudo -c`, because a malformed /etc/sudoers disables sudo:
    echo "user ALL=(ALL) !/usr/bin/vasion-admin" >> /etc/sudoers
    visudo -c
    
  • Windows: Enable LSA Protection (registry; takes effect after a reboot):
    reg add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v RunAsPPL /t REG_DWORD /d 1 /f
    

4. Patch Management

Automate updates using:

  • Linux (Cron Job):
    0 3 * * * /usr/bin/apt update && /usr/bin/apt upgrade -y
    
  • Windows (GPO):
    Install-Module PSWindowsUpdate -Force 
    Install-WindowsUpdate -AcceptAll -AutoReboot 
    

5. Logging & Monitoring

  • Linux (rsyslog):
    echo "auth.* /var/log/vasion-auth.log" >> /etc/rsyslog.conf
    systemctl restart rsyslog
    
  • Windows (Event Forwarding): wevtutil needs the name of the log to enable, shown here as a placeholder:
    wevtutil sl <log_name> /e:true /q:true
    

What Undercode Say

The discovery of 80+ vulnerabilities in Vasion Print highlights the risks of enterprise print management systems. Immediate actions include:

  • Network Segmentation: Isolate print servers.
  • Strict Access Controls: Enforce least privilege via `sudo` (Linux) and User Account Control (UAC) (Windows).
  • Exploit Testing: Use Metasploit or CVE-2025-27637 PoCs (when released) for validation.

Relevant Commands for Defense:

Linux: Check open ports
ss -tulnp | grep vasion

Windows: Verify service permissions
icacls "C:\Program Files\Vasion Print"
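
A Linux counterpart to the icacls check above, confirming that the `chmod 750` restriction from step 2 is in place and that no parent directory is world-writable. This is an added example, not part of the original post; `audit_path` and `stop_at` are hypothetical names, and the default path is the one the page uses in step 2.

```python
import os
import stat
import sys
from pathlib import Path


def audit_path(target, stop_at="/"):
    """Return (path, reason) findings for target and each parent directory up to stop_at."""
    target = Path(target).resolve()
    stop = Path(stop_at).resolve()
    findings = []

    # The binary itself: step 2 of the page sets it to 750.
    mode = stat.S_IMODE(target.stat().st_mode)
    if mode & 0o007:
        findings.append((str(target), f"mode {mode:03o} gives 'other' access; step 2 expects 750"))
    if mode & 0o020:
        findings.append((str(target), f"mode {mode:03o} is group-writable"))

    # A world-writable parent directory lets a local user replace the binary
    # even when the binary's own mode is strict. The sticky bit (as on /tmp)
    # blocks renaming or deleting files owned by someone else, so it is exempt.
    for parent in target.parents:
        pmode = stat.S_IMODE(parent.stat().st_mode)
        sticky = bool(pmode & stat.S_ISVTX)
        if pmode & 0o002 and not sticky:
            findings.append((str(parent), f"directory mode {pmode:03o} is world-writable"))
        if parent == stop:
            break
    return findings


if __name__ == "__main__":
    # Default is the path used in step 2 of the page; pass another path as argv[1].
    path = sys.argv[1] if len(sys.argv) > 1 else "/usr/bin/vasion-print"
    if not os.path.exists(path):
        sys.exit(f"{path}: not found")
    results = audit_path(path)
    for where, why in results:
        print(f"FINDING {where}: {why}")
    sys.exit(1 if results else 0)
```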

Expected Output:

A hardened system with:

  • Restricted Vasion Print binaries.
  • Real-time logging for `vasion-auth.log` (Linux) or Event Viewer (Windows).
  • Automated patching via cron/GPO.

Stay tuned for Pierre’s technical analysis.

References:

Reported By: Pierrebarresec I – Hackers Feeds