CVE-2025-66586

Summary

In AzeoTech DAQFactory release 20.7 (Build 2555), an access of resource using incompatible type vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process.

Affected Software

VendorProductVersion RangeStatus
AzeoTechDAQFactory0 <= Release 20.7 (Build 2555)affected
AzeoTechDAQFactoryRelease 21.1unaffected

Weaknesses

  • CWE-843: CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References