{"id":76152,"date":"2025-09-26T02:21:24","date_gmt":"2025-09-26T02:21:24","guid":{"rendered":""},"modified":"2025-10-16T23:38:41","modified_gmt":"2025-10-17T05:38:41","slug":"cve-2025-34198-critical-vulnerability-in-vasion-print-virtual-appliance-due-to-shared-hardcoded-ssh-keys","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-34198-critical-vulnerability-in-vasion-print-virtual-appliance-due-to-shared-hardcoded-ssh-keys\/","title":{"rendered":"CVE-2025-34198: Critical Vulnerability in Vasion Print Virtual Appliance due to Shared, Hardcoded SSH Keys<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The CVE-2025-34198 vulnerability is a critical exploit found in Vasion Print’s Virtual Appliance Host and Application, formerly known as PrinterLogic. The vulnerability stems from the presence of shared, hardcoded SSH host private keys in the appliance image. These keys are not unique to each installation, but instead are the same across all deployments, which leaves the system open for potential<\/a> compromise.
\nThis vulnerability is significant as it affects any organization or individual using Vasion Print’s Virtual Appliance<\/a> Host versions prior to 22.0.951 and Application prior to 20.0.2368. The implications of this vulnerability are severe<\/a>, as an attacker could potentially decrypt or intercept SSH connections to appliances using the same keys, leading to potential system compromises and data leakage.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-34198
\nSeverity: Critical (9.8)
\nAttack Vector: Network
\nPrivileges Required: Low
\nUser Interaction: None
\nImpact: System compromise<\/a>, data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n