CVE-2025-34220: CWE-306 Missing Authentication for Critical Function in Vasion Print Virtual Appliance Host
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to https://<tenant>.printercloud10.com/api-gateway/identity/search-groups and adjustments to the `Host` header allow an unauthenticated remote attacker to enumerate every group object stored for that tenant. The response includes internal identifiers (group ID, source service ID, Azure AD object IDs, creation timestamps, and tenant IDs). This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
AI Analysis
Technical Summary
CVE-2025-34220 is a vulnerability categorized under CWE-306 (Missing Authentication for Critical Function) and CWE-200 (Information Exposure) affecting Vasion Print Virtual Appliance Host and Application in VA/SaaS deployments prior to versions 25.1.102 and 25.1.1413 respectively. The vulnerability exists because the /api-gateway/identity/search-groups endpoint does not enforce authentication, allowing any unauthenticated remote attacker to send requests to https://<tenant>.printercloud10.com/api-gateway/identity/search-groups and enumerate all group objects associated with that tenant. By manipulating the Host header, attackers can retrieve detailed internal information including group IDs, source service IDs, Azure Active Directory object IDs, creation timestamps, and tenant IDs. This information disclosure can facilitate further targeted attacks such as privilege escalation, lateral movement, or social engineering by providing attackers with a detailed map of the tenant’s group structure and identity references. The vulnerability is remotely exploitable without any privileges or user interaction, increasing its risk profile. While no active exploits have been reported, the vulnerability’s medium CVSS score (6.9) reflects the significant confidentiality impact combined with ease of exploitation. The vendor has confirmed remediation, but the timeline for patch deployment is not clearly documented, which may leave some deployments exposed. This vulnerability highlights the critical need for proper authentication controls on API endpoints that expose sensitive identity and group information in cloud or virtual appliance environments.
Potential Impact
For European organizations, the primary impact of CVE-2025-34220 is the unauthorized disclosure of sensitive identity and group information within Vasion Print environments. This information leakage can aid attackers in reconnaissance activities, enabling them to map organizational structures, identify privileged groups, and potentially craft more effective targeted attacks such as phishing or privilege escalation attempts. Organizations relying on Vasion Print for print management in VA/SaaS deployments may face increased risk of data breaches or lateral movement if attackers leverage this information. Confidentiality is directly impacted, while integrity and availability are not affected by this vulnerability. The exposure of Azure AD object IDs and tenant IDs is particularly concerning for organizations heavily integrated with Microsoft cloud services, as it may facilitate identity-based attacks. Given the widespread use of print management solutions in enterprises, the vulnerability could affect a broad range of sectors including government, finance, healthcare, and manufacturing across Europe. The lack of authentication requirement and remote exploitability increase the urgency for European organizations to assess their exposure and remediate promptly to prevent potential exploitation and subsequent attacks.
Mitigation Recommendations
European organizations should immediately verify their Vasion Print Virtual Appliance Host and Application versions and upgrade to versions 25.1.102 or later for the appliance and 25.1.1413 or later for the application to ensure the vulnerability is patched. If immediate patching is not feasible, organizations should implement network-level access controls to restrict access to the /api-gateway/identity/search-groups endpoint, limiting it to trusted internal IP addresses or VPN users only. Monitoring and logging of access to this endpoint should be enabled to detect any anomalous or unauthorized requests indicative of reconnaissance attempts. Additionally, organizations should review and tighten API gateway configurations and Host header validation to prevent header manipulation attacks. Conducting regular security audits and penetration tests focusing on API authentication controls can help identify similar weaknesses. Finally, educating security teams about this vulnerability and ensuring incident response plans include scenarios involving identity enumeration attacks will improve preparedness.
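The endpoint monitoring and Host header review recommended above can be sketched as a log check. This is an added example, not vendor or advisory code; the log layout, the trusted networks, the `.example` hostnames and the sample lines are all constructed assumptions.

```python
import ipaddress
import re

ENDPOINT = "/api-gateway/identity/search-groups"
# Assumptions for this example: trusted source ranges and the tenant's hostname.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.0.2.0/24")]
EXPECTED_HOSTS = {"print.tenant.example"}
# Assumed proxy log layout: src_ip host "METHOD path PROTO" status bytes
LINE_RE = re.compile(
    r'^(?P<src>\S+) (?P<host>\S+) "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)$')
# Constructed sample log lines (not real traffic).
SAMPLE_LOG = """\
10.1.2.3 print.tenant.example "GET /api-gateway/identity/search-groups HTTP/1.1" 200 5120
203.0.113.50 print.tenant.example "GET /api-gateway/identity/search-groups HTTP/1.1" 200 48211
203.0.113.50 other.tenant.example "POST /api-gateway/identity/search-groups HTTP/1.1" 200 39022
198.51.100.7 print.tenant.example "GET /api-gateway/identity/search-groups HTTP/1.1" 401 120
198.51.100.7 print.tenant.example "GET /login HTTP/1.1" 200 900
garbage line
"""

def review_access_log(text):
    """Return (line_no, src, host, reasons) for suspicious hits on ENDPOINT."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable lines are skipped, not guessed at
        path = m["path"].split("?", 1)[0].rstrip("/")
        if path != ENDPOINT:
            continue
        reasons = []
        try:
            src = ipaddress.ip_address(m["src"])
            if not any(src in net for net in TRUSTED_NETS):
                reasons.append("untrusted-source")
        except ValueError:
            reasons.append("unparseable-source")
        if m["host"].lower() not in EXPECTED_HOSTS:
            reasons.append("unexpected-host")
        if reasons and m["status"].startswith("2"):
            reasons.append("data-returned")  # a 2xx here means group data left the tenant
        if reasons:
            findings.append((lineno, m["src"], m["host"], tuple(reasons)))
    return findings
```

A `data-returned` finding from an untrusted source is the case to escalate: it indicates the endpoint answered a request that the network restriction should have blocked.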
Affected Countries
Germany, United Kingdom, France, Netherlands, Sweden, Italy, Spain, Belgium, Poland, Ireland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulnCheck
- Date Reserved: 2025-04-15T19:15:22.574Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68daefb54b0d68cddf56c5de
Added to database: 9/29/2025, 8:44:37 PM
Last enriched: 11/24/2025, 5:31:14 PM
Last updated: 1/7/2026, 4:17:37 AM