PT-2025-39867 · Vasion+1 · Vasion Print Application+2
Pierre Barre · Published 2025-09-29 · Updated 2025-10-16
CVE-2025-34196
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102
Vasion Print Application versions prior to 25.1.1413
Description
The Vasion Print Virtual Appliance Host and Application contain a hardcoded private key for the PrinterLogic Certificate Authority (CA) and a hardcoded password within product configuration files. The Windows client includes the CA certificate, its associated private key, and other sensitive settings, such as a configured password, directly in shipped configuration files like clientsettings.dat and defaults.ini. An attacker gaining access to these files could impersonate the CA, sign arbitrary certificates trusted by the Windows client, intercept or decrypt TLS-protected communications, and conduct man-in-the-middle or impersonation attacks against the product's network communications.
Recommendations
Update Vasion Print Virtual Appliance Host to version 25.1.102 or later.
Update Vasion Print Application to version 25.1.1413 or later.
Exploit
Fix
Insufficiently Protected Credentials
Using Hardcoded Credentials
Related Identifiers
Affected Products
Printerlogic Certificate Authority
Vasion Print Application
Vasion Print Virtual Appliance Host