CVE-2025-34195

Name of the Vulnerable Software and Affected Versions Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 Vasion Print (formerly PrinterLogic) Application versions prior to 20.0.1330

Description Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application versions prior to 20.0.1330 (Windows client deployments) contain a remote code execution issue during driver installation. This is due to unquoted program paths within the PrinterInstallerClient driver-installation component, specifically when launching programs under "C:Program Files (x86)Printer Properties ProPrinter Installer". The operating system may execute a program at a short-path location, such as C:Program.exe, before the intended binaries. If an attacker places a program at that location, it will be executed with the privileges of the installer process, potentially leading to arbitrary code execution and privilege escalation. This weakness can be exploited to achieve remote code execution and compromise affected Windows endpoints. The vendor has identified this issue as V-2022-006 — Driver Upload Security.

Recommendations Update Vasion Print Virtual Appliance Host to version 1.0.735 or later. Update Vasion Print Application to version 20.0.1330 or later.