HIGH🇵🇱 Wersja polska

CVE-2025-66586

CVSS 7.3v4.0pub. 2025-12-11upd. 2026-06-04

In AzeoTech DAQFactory release 20.7 (Build 2555), an access of resource using incompatible type vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process.

CVSS Vector
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Azeotech Daqfactory

    APP
    Azeotech
    < 21.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-66590HIGH8.4ten sam produkt

In AzeoTech DAQFactory release 20.7 (Build 2555), an out-of-bounds write vulnerability can be exploited by an ...

CVE-2025-66585HIGH7.3ten sam produkt

In AzeoTech DAQFactory release 20.7 (Build 2555), a use after free vulnerability can be exploited to cause mem...

CVE-2025-66588HIGH8.4ten sam produkt

In AzeoTech DAQFactory release 20.7 (Build 2555), an access of uninitialized pointer vulnerability can be expl...

CVE-2025-66589HIGH8.4ten sam produkt

In AzeoTech DAQFactory release 20.7 (Build 2555), an Out-of-bounds Read vulnerability can be exploited by an a...

CVE-2021-42543HIGH7.8ten sam produkt

The affected application uses specific functions that could be abused through a crafted project file, which co...