CVE-2025-34235: CWE-295 Improper Certificate Validation in Vasion Print Virtual Appliance Host
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can intercept HTTPS traffic can then inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges; a local attacker can achieve local privilege escalation via a junction‑point DLL injection. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
AI Analysis
Technical Summary
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions before 25.1.102 and Windows client application versions before 25.1.1413 contain a registry key that, if enabled by administrators, causes the client to bypass SSL/TLS certificate validation. This improper certificate validation (CWE-295) allows an attacker capable of intercepting HTTPS traffic to inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges. Local attackers can also exploit junction-point DLL injection to escalate privileges locally. The vulnerability has been confirmed fixed, but the precise patch version or date is not specified in the available data.
Potential Impact
Successful exploitation allows remote attackers who can intercept HTTPS traffic to execute arbitrary code with SYSTEM privileges on affected systems. Local attackers may escalate privileges via DLL injection. This can lead to full system compromise. The vulnerability is rated critical with a CVSS 4.0 score of 9.5, reflecting high attack vector accessibility and severe impact on confidentiality, integrity, and availability.
Mitigation Recommendations
The vulnerability has been confirmed as remediated by the vendor, though the exact patch version or date is not specified. Administrators should ensure they are running Vasion Print Virtual Appliance Host version 25.1.102 or later and Windows client application version 25.1.1413 or later. If the registry key that disables certificate validation is enabled, it should be disabled to prevent bypassing SSL/TLS validation. Patch status is not yet confirmed with exact details—check the vendor advisory for current remediation guidance.
CVE-2025-34235: CWE-295 Improper Certificate Validation in Vasion Print Virtual Appliance Host
Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can intercept HTTPS traffic can then inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges; a local attacker can achieve local privilege escalation via a junction‑point DLL injection. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
CVSS v4.0
Score 9.5critical
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions before 25.1.102 and Windows client application versions before 25.1.1413 contain a registry key that, if enabled by administrators, causes the client to bypass SSL/TLS certificate validation. This improper certificate validation (CWE-295) allows an attacker capable of intercepting HTTPS traffic to inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges. Local attackers can also exploit junction-point DLL injection to escalate privileges locally. The vulnerability has been confirmed fixed, but the precise patch version or date is not specified in the available data.
Potential Impact
Successful exploitation allows remote attackers who can intercept HTTPS traffic to execute arbitrary code with SYSTEM privileges on affected systems. Local attackers may escalate privileges via DLL injection. This can lead to full system compromise. The vulnerability is rated critical with a CVSS 4.0 score of 9.5, reflecting high attack vector accessibility and severe impact on confidentiality, integrity, and availability.
Mitigation Recommendations
The vulnerability has been confirmed as remediated by the vendor, though the exact patch version or date is not specified. Administrators should ensure they are running Vasion Print Virtual Appliance Host version 25.1.102 or later and Windows client application version 25.1.1413 or later. If the registry key that disables certificate validation is enabled, it should be disabled to prevent bypassing SSL/TLS validation. Patch status is not yet confirmed with exact details—check the vendor advisory for current remediation guidance.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2025-04-15T19:15:22.575Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 68daf13ab7e37eb34163aac3
Added to database: 09/29/2025, 20:51:06 UTC
Last enriched: 05/16/2026, 09:22:43 UTC
Last updated: 07/07/2026, 22:28:17 UTC
Views: 352
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.