CVE-2025-34220
📋 TL;DR
An unauthenticated API endpoint in Vasion Print (formerly PrinterLogic) allows remote attackers to enumerate all group objects for a tenant. This exposes internal identifiers including group IDs, Azure AD object IDs, and tenant information. Affected systems include Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 in VA/SaaS deployments.
💻 Affected Systems
- Vasion Print (formerly PrinterLogic) Virtual Appliance Host
- Vasion Print (formerly PrinterLogic) Application
⚠️ Risk & Real-World Impact
Worst Case
Attackers could map organizational structure, identify privileged groups, and use exposed identifiers for targeted attacks or reconnaissance for further exploitation.
Likely Case
Information disclosure revealing internal group structure, member relationships, and Azure AD integration details that could facilitate social engineering or targeted attacks.
If Mitigated
Limited exposure with proper network segmentation and authentication requirements preventing unauthorized access to the vulnerable endpoint.
🎯 Exploit Status
Exploitation requires manipulating Host headers and targeting the specific API endpoint without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Virtual Appliance Host 25.1.102+, Application 25.1.1413+
Vendor Advisory: https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm
Restart Required: No
Instructions:
1. Update Virtual Appliance Host to version 25.1.102 or later.
2. Update Application to version 25.1.1413 or later.
3. Verify the /api-gateway/identity/search-groups endpoint now requires authentication.
🔧 Temporary Workarounds
Network Access Control
Restrict access to the vulnerable API endpoint using network firewalls or web application firewalls.
Authentication Enforcement
Configure the application to require authentication for all API endpoints, particularly /api-gateway/ endpoints.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate the vulnerable system from untrusted networks.
- Deploy a web application firewall (WAF) with rules to block unauthenticated requests to /api-gateway/identity/search-groups.
🔍 How to Verify
Check if Vulnerable:
Send an unauthenticated HTTP GET request to https://<tenant>.printercloud10.com/api-gateway/identity/search-groups with appropriate Host header. If it returns group data without authentication, the system is vulnerable.
Check Version:
Check the application version in the admin interface, or consult the vendor documentation for how to verify the version.
Verify Fix Applied:
Repeat the vulnerability check. The endpoint should return an authentication error (401/403) or no data when accessed without valid credentials.
📡 Detection & Monitoring
Log Indicators:
- Unauthenticated requests to /api-gateway/identity/search-groups
- Multiple sequential requests to the search-groups endpoint from single IPs
Network Indicators:
- HTTP traffic to /api-gateway/identity/search-groups without authentication headers
- Unusual volume of requests to group enumeration endpoints
SIEM Query:
source="web_server" AND uri="/api-gateway/identity/search-groups" AND (auth_status="failed" OR auth_status="none")
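The log indicators above can also be triaged offline. The following is an added example, not code from the vendor or the original advisory: it separates unauthenticated requests that returned data (2xx, consistent with an unpatched endpoint) from those rejected with 401/403, and flags repeated requests from a single IP. The log layout with a trailing `auth=` field, the `burst_threshold` parameter and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

ENDPOINT = "/api-gateway/identity/search-groups"

# Assumed log layout (not Vasion's own): combined-style access log with a
# trailing auth=<none|present> field noting whether credentials were sent.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ auth=(?P<auth>\w+)$'
)

# Constructed sample lines using documentation IP ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2025:10:00:01 +0000] "GET /api-gateway/identity/search-groups HTTP/1.1" 200 5120 auth=none
203.0.113.7 - - [01/Jan/2025:10:00:02 +0000] "GET /api-gateway/identity/search-groups HTTP/1.1" 200 5120 auth=none
203.0.113.7 - - [01/Jan/2025:10:00:03 +0000] "GET /api-gateway/identity/search-groups HTTP/1.1" 200 5120 auth=none
198.51.100.20 - - [01/Jan/2025:10:05:00 +0000] "GET /api-gateway/identity/search-groups HTTP/1.1" 200 5120 auth=present
192.0.2.44 - - [01/Jan/2025:10:06:00 +0000] "GET /api-gateway/identity/search-groups HTTP/1.1" 401 0 auth=none
198.51.100.20 - - [01/Jan/2025:10:07:00 +0000] "GET /index.html HTTP/1.1" 200 812 auth=none
"""

def triage(lines, burst_threshold=3):
    """Return {ip: {"leaked", "denied", "burst"}} for unauthenticated callers."""
    leaked, denied = Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["auth"] != "none":
            continue
        # Compare the path only, ignoring any query string or trailing slash.
        if m["uri"].split("?", 1)[0].rstrip("/") != ENDPOINT:
            continue
        if m["status"].startswith("2"):
            leaked[m["ip"]] += 1      # data returned without credentials
        elif m["status"] in ("401", "403"):
            denied[m["ip"]] += 1      # rejected, as expected once patched
    report = {}
    for ip in set(leaked) | set(denied):
        total = leaked[ip] + denied[ip]
        report[ip] = {"leaked": leaked[ip], "denied": denied[ip],
                      "burst": total >= burst_threshold}
    return report

if __name__ == "__main__":
    for ip, r in sorted(triage(SAMPLE_LOG.splitlines()).items()):
        print(ip, r)
```

Any non-zero `leaked` count means group data was served without credentials and should be treated as disclosure; `denied` entries are probes against an endpoint that is enforcing authentication.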
🔗 References
- https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm
- https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm
- https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-api-leak
- https://www.vulncheck.com/advisories/vasion-print-printerlogic-unauth-api-leaks-group-info