Primary

Context

Vasion Print Local Privilege Escalation Vulnerability via Undocumented User Account

Vulnerability

Patched

A vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 22.0.951 and Application versions prior to 20.0.2368. It involves an undocumented local user account named 'ubuntu', which has a hardcoded password and a sudoers entry allowing passwordless root access. This vulnerability enables local privilege escalation for anyone who knows the hardcoded password.

Impact

Exploitation of this vulnerability allows for local privilege escalation, granting root access on the system.

Remediation

Users can update to Vasion Print Virtual Appliance Host version 22.0.951 and Application version 20.0.2368 to address this vulnerability.

Added: Sep 19, 2025, 7:31 PM

Updated: Sep 19, 2025, 7:31 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.3

remediation

0.0

relevance

0.5

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.3

remediation

0.0

relevance

0.5

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vasion Print Local Privilege Escalation Vulnerability via Undocumented User Account

Vulnerability

Impact

Remediation

Affected Products

Vasion Print

Vasion Virtual Appliance Host

Vasion Application

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating