Use After Free vulnerability in AzeoTech DAQFactory
Summary
| CVE | CVE-2025-66585 |
|---|---|
| State | PUBLISHED |
| Assigner | icscert |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2025-12-11 21:15:57 UTC |
| Updated | 2026-06-04 21:16:29 UTC |
| Description | In AzeoTech DAQFactory release 20.7 (Build 2555), a use after free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process. |
Risk And Classification
Primary CVSS: v4.0 7.3 HIGH from [email protected]
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS: 0.000410000 probability, percentile 0.126220000 (date 2026-06-04)
Problem Types: CWE-416 | CWE-416 CWE-416 Use After Free
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | [email protected] | Secondary | 7.3 | HIGH | CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/C... |
| 4.0 | CNA | CVSS | 7.3 | HIGH | CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| 3.1 | [email protected] | Primary | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.1 | [email protected] | Secondary | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.1 | CNA | CVSS | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVSS v4.0 Breakdown
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS v3.1 Breakdown
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Azeotech | Daqfactory | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | AzeoTech | DAQFactory | affected Release 20.7 (Build 2555) custom | Not specified |
| CNA | AzeoTech | DAQFactory | unaffected Release 21.1 | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-34... | [email protected] | github.com | |
| www.cisa.gov/news-events/ics-advisories/icsa-25-345-03 | [email protected] | www.cisa.gov | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Andrea Micalizzi of Trend Zero Day Initiative (en)
CNA: Michael Heinzl (en)
Additional Advisory Data
Solutions
CNA: AzeoTech has released the following update that addresses these issues: * DAQFactory: Release 21.1 AzeoTech also recommends users take the following actions to reduce the risk: * Users are discouraged from using documents from unknown/untrusted sources. * Users are encouraged to store .ctl files in a folder only writeable by admin-level users. * Users are encouraged to operate in “Safe Mode” when loading documents that have been out of their control. * Users are encouraged to apply a document editing password to their documents.