CVE-2025-34220: CWE-306 Missing Authentication for Critical Function in Vasion Print Virtual Appliance Host
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to https://<tenant>.printercloud10.com/api-gateway/identity/search-groups and adjustments to the `Host` header allow an unauthenticated remote attacker to enumerate every group object stored for that tenant. The response includes internal identifiers (group ID, source service ID, Azure AD object IDs, creation timestamps, and tenant IDs). This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
AI Analysis
Technical Summary
CVE-2025-34220 is a vulnerability in Vasion Print Virtual Appliance Host (formerly PrinterLogic) versions prior to 25.1.102 and Application versions prior to 25.1.1413, affecting both VA and SaaS deployments. The vulnerability arises from the /api-gateway/identity/search-groups API endpoint, which does not enforce authentication. An unauthenticated attacker can send crafted requests to this endpoint, including manipulating the Host header, to enumerate all group objects associated with a specific tenant. The response discloses sensitive internal identifiers such as group IDs, source service IDs, Azure Active Directory object IDs, creation timestamps, and tenant IDs. This information leakage can aid attackers in reconnaissance, facilitating further targeted attacks such as privilege escalation, lateral movement, or social engineering. The vulnerability is classified under CWE-306 (Missing Authentication for Critical Function) and CWE-200 (Information Exposure). The CVSS 4.0 vector indicates network attack vector, low attack complexity, no privileges or user interaction required, and limited confidentiality impact. No known exploits have been reported publicly, and the vendor has remediated the issue, although the exact patch release date is unspecified. The vulnerability affects all versions prior to the fixed releases, implying a broad attack surface for unpatched deployments.
Potential Impact
For European organizations, this vulnerability primarily threatens the confidentiality of internal group and identity information within the Vasion Print environment. Disclosure of group IDs, Azure AD object IDs, and tenant identifiers can facilitate targeted attacks such as identity spoofing, privilege escalation, or crafting of phishing campaigns tailored to internal organizational structures. While it does not directly allow system compromise or availability disruption, the information leakage can be a stepping stone for more severe attacks. Organizations with extensive use of Vasion Print in managed print services or large enterprise environments are at higher risk. The exposure of Azure AD object IDs is particularly sensitive given the widespread use of Azure AD in Europe for identity management. Additionally, the vulnerability could undermine trust in managed print infrastructure and complicate compliance with data protection regulations like GDPR if tenant-specific information is leaked. The lack of authentication requirement means any external attacker with network access to the appliance or SaaS endpoint can exploit this vulnerability, increasing the risk surface.
Mitigation Recommendations
European organizations should immediately verify their Vasion Print Virtual Appliance Host and Application versions and upgrade to at least 25.1.102 (Virtual Appliance Host) and 25.1.1413 (Application), where the vulnerability is patched. If upgrading is not immediately possible, restrict network access to the /api-gateway/identity/search-groups endpoint with strict firewall rules or network segmentation so that only trusted administrative networks can reach it. Monitor network traffic for unusual requests targeting this endpoint, especially those with manipulated Host headers. Employ strong identity and access management controls around the print infrastructure, and audit its logs for suspicious activity. Coordinate with Vasion support to confirm patch availability and deployment timelines. Additionally, review Azure AD and group configurations for any anomalies that could be exploited using the leaked identifiers. Consider implementing anomaly detection on authentication and group membership changes to detect potential misuse stemming from reconnaissance activities. Finally, incorporate this vulnerability into incident response plans and threat hunting exercises to identify any exploitation attempts.
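One way to implement the endpoint monitoring recommended above, as an added example that is not part of the original advisory or of Vasion's tooling. It assumes a reverse proxy or WAF in front of the deployment that writes one JSON object per request; the field names (`src`, `host`, `sni`, `uri`, `status`, `auth`), the admin network range and the tenant names are hypothetical, and the log lines are constructed.

```python
import ipaddress
import json
from collections import defaultdict
from urllib.parse import urlsplit

ENDPOINT = "/api-gateway/identity/search-groups"
ADMIN_NETS = [ipaddress.ip_network("10.20.0.0/24")]  # assumed trusted admin range

# Constructed sample log (hypothetical JSON-lines proxy format).
SAMPLE_LOG = """\
{"src": "10.20.0.15", "host": "tenant-a.printercloud10.com", "sni": "tenant-a.printercloud10.com", "uri": "/api-gateway/identity/search-groups?q=a", "status": 200, "auth": true}
{"src": "203.0.113.7", "host": "tenant-b.printercloud10.com", "sni": "tenant-a.printercloud10.com", "uri": "/api-gateway/identity/search-groups", "status": 200, "auth": false}
{"src": "203.0.113.7", "host": "tenant-a.printercloud10.com", "sni": "tenant-a.printercloud10.com", "uri": "/api-gateway/identity/search-groups", "status": 401, "auth": false}
{"src": "198.51.100.9", "host": "tenant-a.printercloud10.com", "sni": "tenant-a.printercloud10.com", "uri": "/index.html", "status": 200, "auth": false}
{"src": "10.20.0.15", "host": "tenant-a.printercloud10.com", "sni": "tenant-a.printercloud10.com", "uri": "/API-Gateway/identity/search-groups/", "status": 200, "auth": false}
"""

def hits_endpoint(uri):
    # Match liberally: ignore query string, trailing slash and letter case.
    return urlsplit(uri).path.rstrip("/").lower() == ENDPOINT

def review(log_text):
    """Return (findings, cycling): flagged requests and sources varying Host."""
    findings, hosts_by_src = [], defaultdict(set)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        e = json.loads(line)
        if not hits_endpoint(e["uri"]):
            continue
        src = ipaddress.ip_address(e["src"])
        reasons = []
        if not any(src in net for net in ADMIN_NETS):
            reasons.append("untrusted-source")
        if e["host"].lower() != e["sni"].lower():
            reasons.append("host-sni-mismatch")      # Host header differs from TLS SNI
        if e["status"] == 200 and not e["auth"]:
            reasons.append("unauthenticated-200")    # data served without credentials
        hosts_by_src[e["src"]].add(e["host"].lower())
        if reasons:
            findings.append((e["src"], e["host"], reasons))
    # One source sending several Host values to this endpoint is worth triage.
    cycling = sorted(s for s, hosts in hosts_by_src.items() if len(hosts) > 1)
    return findings, cycling

if __name__ == "__main__":
    flagged, cycling = review(SAMPLE_LOG)
    print(*flagged, sep="\n")
    print("sources varying Host:", cycling)
```

An `unauthenticated-200` finding from any source after the upgrade indicates the fixed versions are not actually serving that endpoint.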
Affected Countries
Germany, United Kingdom, France, Netherlands, Sweden, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulnCheck
- Date Reserved: 2025-04-15T19:15:22.574Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68daefb54b0d68cddf56c5de
Added to database: 9/29/2025, 8:44:37 PM
Last enriched: 10/6/2025, 8:48:41 PM
Last updated: 11/13/2025, 11:35:51 PM