CVE-2025-66590 identifies a critical out-of-bounds write vulnerability (CWE-787) in AzeoTech DAQFactory release 20.7 (Build 2555). This flaw occurs when the software writes data beyond the boundaries of an allocated memory buffer, which can corrupt memory and lead to undefined behavior. Such behavior can be exploited by attackers to execute arbitrary code with the privileges of the DAQFactory process or cause a denial-of-service condition by crashing the application. The vulnerability requires local access to the system and user interaction, but no prior authentication or elevated privileges are necessary. The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N) indicates that the attack surface is limited to local vectors with low complexity, no authentication, and high impact on confidentiality, integrity, and availability. DAQFactory is widely used in industrial automation and data acquisition environments, where reliable and secure operation is critical. Although no public exploits have been reported, the vulnerability’s nature makes it a significant risk, especially in environments where local user access cannot be tightly controlled. The lack of an available patch at the time of disclosure necessitates immediate risk mitigation through access controls and monitoring.

For European organizations, especially those in industrial automation, manufacturing, and critical infrastructure sectors, this vulnerability poses a serious risk. Exploitation could allow attackers to execute arbitrary code, potentially leading to unauthorized control over data acquisition processes or disruption of industrial operations. This could result in data corruption, operational downtime, safety hazards, and loss of sensitive information. The requirement for local access limits remote exploitation but does not eliminate risk in environments where insider threats or compromised local accounts exist. The high impact on confidentiality, integrity, and availability could affect compliance with European regulations such as GDPR and NIS Directive, especially if the vulnerability leads to data breaches or service interruptions. Organizations relying on DAQFactory for monitoring or controlling critical processes must consider this vulnerability a priority for remediation to maintain operational resilience and regulatory compliance.

1. Restrict local access to systems running DAQFactory to trusted personnel only, employing strict access controls and monitoring. 2. Implement application whitelisting and endpoint detection to identify and block anomalous behaviors indicative of exploitation attempts. 3. Disable or limit user interaction with DAQFactory interfaces on critical systems where possible to reduce attack vectors. 4. Regularly audit and monitor logs for unusual activity related to DAQFactory processes. 5. Engage with AzeoTech for timely updates or patches addressing this vulnerability and apply them as soon as they become available. 6. Consider network segmentation to isolate DAQFactory systems from broader enterprise networks, minimizing lateral movement risks. 7. Conduct user training to raise awareness about the risks of interacting with potentially malicious inputs or files that could trigger the vulnerability.