CNNVD-202509-3083 Information
CNNVD ID
CNNVD-202509-3083
Related CVE
- CNNVD Published: 2025-09-19
Description (Chinese)
Vasion Print和Vasion Print Virtual Appliance Host都是Vasion公司的产品。Vasion Print是一款基于 SaaS 的云托管应用程序,用于管理和部署打印机。Vasion Print Virtual Appliance Host是一个打印管理软件。 Vasion Print和Vasion Print Virtual Appliance Host存在安全漏洞,该漏洞源于PrinterInstallerClient组件临时文件处理不当,可能导致本地用户通过符号链接操作任意文件系统位置,从而引发权限提升。
Description (English)
Vasion Print and Vasion Prince Virgin Application Host are both products of Vasion. Vasion Print is a cloud hosting application based on SaaS for the management and deployment of printers. Vasion Prit Virgin Application Host is a print management software. There is a security loophole in Vasion Prit and Vasion Print Virgin Application Host, which stems from the inappropriate handling of temporary files for the Prince Installer Clit component, which may lead local users to operate on any file system location through a symbol link, thereby triggering an increase in privileges.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Vela
Published
2025-09-19
Last Modified
2026-02-24
References
https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm https://www.vulncheck.com/advisories/vasion-print-printerlogic-lpe-via-insecure-temporary-file-handling https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#win-lpe-02 https://access.redhat.com/security/cve/cve-2025-34194