CVE-2025-66584 is a vulnerability identified in AzeoTech's DAQFactory software, a platform commonly used for data acquisition and industrial control systems. The CVSS 4.0 vector indicates that exploitation requires local access (AV:L), with high attack complexity (AC:H), no privileges (PR:N), and no authentication (AT:N), but user interaction (UI:P) is necessary. The vulnerability impacts confidentiality, integrity, and availability at a high level (VC:H, VI:H, VA:H), with no scope change (SC:N). This suggests that an attacker with local access and the ability to interact with the system could cause significant damage, including data leakage, unauthorized data modification, or disruption of system operations. The absence of affected version details and patch links implies that the vulnerability disclosure is recent and that mitigations or fixes may not yet be available. No known exploits in the wild have been reported, indicating limited current exploitation but potential future risk. The vulnerability is assigned by ICS-CERT, highlighting its relevance to industrial control systems and critical infrastructure environments. Given DAQFactory's role in monitoring and controlling industrial processes, exploitation could lead to operational downtime or safety hazards. The high attack complexity and requirement for local access reduce the likelihood of remote exploitation but do not eliminate insider threats or attacks via compromised local accounts.

For European organizations, especially those in manufacturing, energy, and critical infrastructure sectors using DAQFactory, this vulnerability poses a significant risk. Successful exploitation could lead to unauthorized disclosure of sensitive operational data, manipulation of control parameters, or denial of service conditions, potentially disrupting industrial processes. This could result in financial losses, safety incidents, regulatory non-compliance, and reputational damage. The requirement for local access and user interaction limits remote exploitation but increases the risk from insider threats or attackers who have gained initial footholds within the network. The high impact on confidentiality, integrity, and availability underscores the critical nature of the vulnerability in environments where DAQFactory is integral to operational technology (OT).

European organizations should implement strict access controls to limit local access to DAQFactory systems only to authorized personnel. Employing multi-factor authentication and robust user activity monitoring can help detect and prevent malicious interactions. Network segmentation should isolate DAQFactory systems from general IT networks to reduce exposure. Organizations should maintain up-to-date inventories of DAQFactory deployments and monitor vendor communications for patches or updates addressing this vulnerability. Until patches are available, consider applying application whitelisting, endpoint protection, and restricting the execution of untrusted code on affected systems. Conduct regular security awareness training to reduce the risk of social engineering that could facilitate user interaction exploitation. Additionally, implement incident response plans tailored to industrial control system environments to quickly respond to any suspicious activity.