CVE-2025-66590: CWE-787 Out-of-bounds Write in AzeoTech DAQFactory
In AzeoTech DAQFactory release 20.7 (Build 2555), an Out-of-bounds Write vulnerability can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution or a system crash.
AI Analysis
Technical Summary
CVE-2025-66590 is an out-of-bounds write vulnerability classified under CWE-787 found in AzeoTech DAQFactory release 20.7 (Build 2555). The vulnerability arises when the program writes data past the end of an allocated memory buffer, which can corrupt adjacent memory. This memory corruption can be exploited by an attacker to execute arbitrary code with the privileges of the DAQFactory process or cause the application to crash, leading to denial of service. The vulnerability has a CVSS 4.0 base score of 8.4, indicating high severity. The attack vector is local (AV:L), with low attack complexity (AC:L), no privileges required (PR:N), but user interaction is necessary (UI:A). The vulnerability impacts confidentiality, integrity, and availability with high impact metrics (VC:H, VI:H, VA:H). The scope is unchanged (SC:N), and no authentication or special access is required. DAQFactory is widely used in industrial automation and data acquisition systems, often in critical infrastructure and manufacturing environments. The vulnerability could be exploited by an insider or through social engineering to trigger the out-of-bounds write, potentially allowing attackers to gain control over the system or disrupt operations. No patches or known exploits are currently available, but the risk remains significant given the potential impact. The vulnerability was reserved on December 4, 2025, and published on December 11, 2025, by ICS-CERT. Organizations using DAQFactory should prioritize risk assessment and mitigation planning.
Potential Impact
For European organizations, especially those in industrial automation, manufacturing, and critical infrastructure sectors, this vulnerability poses a significant risk. Exploitation could lead to arbitrary code execution, allowing attackers to manipulate data acquisition processes, disrupt operational technology (OT) environments, or cause system downtime. This could result in financial losses, safety hazards, and damage to reputation. The requirement for local access and user interaction somewhat limits remote exploitation but does not eliminate risk, as insider threats or phishing attacks could facilitate exploitation. The high impact on confidentiality, integrity, and availability means sensitive operational data could be exposed or altered, and critical systems could be rendered inoperative. Given Europe's strong industrial base and reliance on automation technologies, the vulnerability could affect supply chains and essential services. The absence of patches increases the urgency for proactive defense measures.
Mitigation Recommendations
1. Restrict local access to systems running DAQFactory to trusted personnel only, enforcing strict access controls and monitoring.
2. Implement robust user training and awareness programs to reduce the risk of social engineering attacks that could trigger the vulnerability.
3. Employ application whitelisting and endpoint detection and response (EDR) solutions to detect and prevent abnormal behavior indicative of exploitation attempts.
4. Regularly back up critical data and system configurations to enable rapid recovery in case of crashes or compromise.
5. Monitor system logs and network traffic for unusual activity related to DAQFactory processes.
6. Coordinate with AzeoTech for timely updates and patches; prepare to deploy them immediately upon release.
7. Consider isolating DAQFactory systems within segmented network zones to limit lateral movement if exploitation occurs.
8. Conduct vulnerability assessments and penetration testing focused on DAQFactory environments to identify potential exploitation paths.
Affected Countries
Germany, France, United Kingdom, Italy, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: icscert
- Date Reserved: 2025-12-04T21:11:02.201Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 693b2fe222246175c69eaa83
Added to database: 12/11/2025, 8:56:02 PM
Last enriched: 12/11/2025, 9:10:57 PM
Last updated: 12/11/2025, 11:18:12 PM
Related Threats
- CVE-2025-66452: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in danny-avila LibreChat (Medium)
- CVE-2025-66451: CWE-20: Improper Input Validation in danny-avila LibreChat (Medium)
- CVE-2025-66588: CWE-824 Access of Uninitialized Pointer in AzeoTech DAQFactory (High)
- CVE-2025-66587: CWE-122 Heap-based Buffer Overflow in AzeoTech DAQFactory (High)
- CVE-2025-66586: CWE-843 Access of Resource Using Incompatible Type ('Type Confusion') in AzeoTech DAQFactory (High)