CVE-2025-66589 is an out-of-bounds read vulnerability classified under CWE-125 affecting AzeoTech DAQFactory release 20.7 (Build 2555). This vulnerability arises when the software reads data past the end of an allocated buffer, which can lead to unauthorized disclosure of information or cause the application to crash, impacting system availability. The vulnerability requires local access and user interaction but does not require authentication or elevated privileges, making it accessible to local users who can trigger the flaw. The CVSS 4.0 vector indicates low attack complexity and no privileges required, but user interaction is necessary. The vulnerability does not affect confidentiality, integrity, and availability equally; it primarily threatens confidentiality and availability with high impact. No patches are currently published, and no known exploits have been reported in the wild, but the potential for information leakage or denial of service exists. DAQFactory is widely used in industrial automation and data acquisition environments, which often operate critical infrastructure and manufacturing processes. The vulnerability could be exploited by malicious insiders or attackers with physical or local network access to gain sensitive data or disrupt operations. The lack of remote exploitability limits the attack surface but does not eliminate risk in environments where local access is possible. The vulnerability is significant given the critical nature of systems using DAQFactory and the potential operational impact of crashes or data leaks.

For European organizations, especially those in industrial automation, manufacturing, and critical infrastructure sectors using AzeoTech DAQFactory, this vulnerability poses a significant risk. Confidentiality could be compromised if sensitive operational data is read beyond buffer boundaries, potentially exposing proprietary or safety-critical information. Availability could be impacted by system crashes triggered by the out-of-bounds read, leading to downtime or disruption of industrial processes. Since DAQFactory is often integrated into SCADA and control systems, such disruptions could have cascading effects on production lines or infrastructure services. The requirement for local access and user interaction reduces the likelihood of remote attacks but increases the risk from insider threats or attackers who gain physical or local network access. European organizations with less stringent local access controls or those operating in environments with shared user access are particularly vulnerable. The absence of known exploits currently provides a window for proactive mitigation, but the high CVSS score indicates that once exploited, the consequences could be severe.

1. Implement strict local access controls to limit who can interact with systems running DAQFactory, including physical security measures and network segmentation to prevent unauthorized local access. 2. Educate users about the risk and avoid executing untrusted inputs or scripts that could trigger the vulnerability. 3. Monitor DAQFactory application logs and system behavior for signs of crashes or anomalous memory access patterns that could indicate exploitation attempts. 4. Establish a process to rapidly deploy patches or updates from AzeoTech once they become available, including testing in controlled environments before production rollout. 5. Use application whitelisting and endpoint protection solutions to detect and prevent exploitation attempts that rely on user interaction. 6. Conduct regular security audits and vulnerability assessments focused on local access points and user privileges in environments running DAQFactory. 7. Consider isolating DAQFactory systems from general user workstations to reduce the risk of accidental or malicious triggering of the vulnerability. 8. Collaborate with AzeoTech support and security advisories to stay informed about updates or mitigations specific to this vulnerability.