CVE-2025-66588 is an access of uninitialized pointer vulnerability (CWE-824) identified in AzeoTech DAQFactory release 20.7 (Build 2555). This vulnerability arises when the software accesses memory pointers that have not been properly initialized, potentially allowing an attacker to execute arbitrary code. The flaw can be exploited locally by an attacker who can induce user interaction, without requiring any privileges or authentication. The CVSS 4.0 vector indicates low attack complexity and no privileges required, but user interaction is necessary. The vulnerability impacts confidentiality, integrity, and availability at a high level, with a high scope, meaning it can affect components beyond the initially vulnerable module. DAQFactory is a software platform widely used for industrial data acquisition, monitoring, and control, often deployed in critical infrastructure and manufacturing environments. Exploitation could allow attackers to execute malicious code, potentially leading to system compromise, data manipulation, or disruption of industrial processes. No patches or known exploits are currently available, but the vulnerability has been publicly disclosed and assigned a high CVSS score of 8.4, emphasizing the urgency for mitigation. The vulnerability was reserved and published in December 2025, indicating recent discovery and disclosure.

For European organizations, the impact of CVE-2025-66588 is significant due to the widespread use of DAQFactory in industrial automation, manufacturing, and critical infrastructure sectors. Successful exploitation could lead to arbitrary code execution, enabling attackers to manipulate or disrupt industrial control processes, steal sensitive operational data, or cause denial of service conditions. This poses risks to operational continuity, safety, and data confidentiality. Given the high severity and potential for full system compromise, organizations could face operational downtime, financial losses, regulatory penalties, and reputational damage. The requirement for local access and user interaction somewhat limits remote exploitation but does not eliminate risk, especially in environments with multiple users or insufficient access controls. European industries with heavy reliance on industrial control systems, such as automotive, energy, and manufacturing sectors, are particularly vulnerable. The lack of available patches increases the urgency for interim mitigations to reduce attack surface and monitor for exploitation attempts.

1. Restrict local access to systems running DAQFactory to trusted personnel only, employing strict physical and logical access controls. 2. Implement user training and awareness to prevent inadvertent user interaction that could trigger exploitation. 3. Monitor system logs and network traffic for unusual activity indicative of exploitation attempts, such as unexpected process launches or memory access anomalies. 4. Employ application whitelisting and endpoint protection solutions to detect and block unauthorized code execution. 5. Isolate DAQFactory systems from general-purpose networks to limit exposure. 6. Prepare for rapid deployment of vendor patches once released by maintaining close communication with AzeoTech and subscribing to vulnerability advisories. 7. Conduct regular vulnerability assessments and penetration testing focused on industrial control systems to identify and remediate related weaknesses. 8. Consider implementing multi-factor authentication and session locking to reduce risk from unauthorized local access. 9. Backup critical configurations and data regularly to enable recovery in case of compromise. 10. Engage with industrial cybersecurity specialists to tailor defenses specific to the operational environment.