CVE-2025-34197

Vasion Print (formerly PrinterLogic) Undocumented Local Account with Hardcoded Password and Passwordless sudo

CVSS 8.6 HIGHEPSS 0.3%CWE-798

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 8.6EPSS 0.3%KEV nãoPoC —Patch referenciado

Ciclo de vida

19 set 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 (VA and SaaS deployments) contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges (ubuntu ALL=(ALL) NOPASSWD: ALL). Anyone who knows the hardcoded password can obtain root privileges via local console or equivalent administrative access, enabling local privilege escalation. This vulnerability has been identified by the vendor as: V-2024-010 — Hardcoded Linux Password. NOTE: The patch for this vulnerability is reported to be incomplete: /etc/shadow was remediated but /etc/sudoers remains vulnerable.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Vasion · Print Application Vasion · Print Virtual Appliance Host

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-hardcoded-password-ubuntu https://www.vulncheck.com/advisories/vasion-print-printerlogic-undocumented-local-account-with-hardcoded-password-and-passwordless-sudo