Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can intercept HTTPS traffic can then inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges; a local attacker can achieve local privilege escalation via a junction‑point DLL injection. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
INFO
Published Date :
2025-09-29T20:44:01.002Z
Last Modified :
2025-11-17T23:56:38.182Z
Source :
VulnCheck
AFFECTED PRODUCTS
The following products are affected by CVE-2025-34235 vulnerability.
| Vendors | Products |
|---|---|
| Microsoft |
|
| Vasion |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2025-34235.