CVE-2025-66585

Summary

In AzeoTech DAQFactory release 20.7 (Build 2555), a use after free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process.

Affected Software

VendorProductVersion RangeStatus
AzeoTechDAQFactory0 <= Release 20.7 (Build 2555)affected
AzeoTechDAQFactoryRelease 21.1unaffected

Weaknesses

  • CWE-416: CWE-416 Use After Free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References