57 matches found
CVE-2009-4480
Buffer overflow in the web service in AzeoTech DAQFactory 5.77 might allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.16 through 8.11. NOTE: as of 20091229, this disclosure has no actionable information...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-364-01: WHILL C2 Wheelchairs ICSA-25-345-03: AzeoTech DAQFactory Update A CISA encourages users and...
AzeoTech DAQFactory CTL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
AzeoTech DAQFactory CTL File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
AzeoTech DAQFactory Memory Corruption Vulnerability
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a memory corruption vulnerability that exists when parsing a specially crafted .ctl file and can be exploited by an attacker t...
AzeoTech DAQFactory Out-of-Bounds Read Vulnerability
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from an out-of-bounds read vulnerability that originates from out-of-bounds reading of memory buffer data, which can be exploited b...
CVE-2025-66590
In AzeoTech DAQFactory release 20.7 Build 2555, an Out-of-bounds Write vulnerability can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution or a system crash...
CVE-2025-66590
In AzeoTech DAQFactory release 20.7 Build 2555, an Out-of-bounds Write vulnerability can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution or a system crash...
CVE-2025-66586
In AzeoTech DAQFactory release 20.7 Build 2555, an Access of Resource Using Incompatible Type vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process...
CVE-2025-66588
In AzeoTech DAQFactory release 20.7 Build 2555, an Access of Uninitialized Pointer vulnerability can be exploited by an attacker which can lead to arbitrary code execution...
CVE-2025-66586
In AzeoTech DAQFactory release 20.7 Build 2555, an Access of Resource Using Incompatible Type vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process...
CVE-2025-66588 Access of Uninitialized Pointer vulnerability in AzeoTech DAQFactory
In AzeoTech DAQFactory release 20.7 Build 2555, an Access of Uninitialized Pointer vulnerability can be exploited by an attacker which can lead to arbitrary code execution...
CVE-2025-66589 Out-of-bounds Read vulnerability in AzeoTech DAQFactory
In AzeoTech DAQFactory release 20.7 Build 2555, an Out-of-bounds Read vulnerability can be exploited by an attacker to cause the program to read data past the end of an allocated buffer. This could allow an attacker to disclose information or cause a system crash...
EUVD-2025-202862
In AzeoTech DAQFactory release 20.7 Build 2555, an Out-of-bounds Read vulnerability can be exploited by an attacker to cause the program to read data past the end of an allocated buffer. This could allow an attacker to disclose information or cause a system crash...
CVE-2025-66590
In DAQFactory release 20.7 (Build 2555) from AzeoTech, CVE-2025-66590 is described as an out-of-bounds write vulnerability that can cause writes past a memory buffer, potentially enabling arbitrary code execution or a system crash. Connected sources (NVD/Red Hat/ICS-CISA/etc.) corroborate the sam...
EUVD-2025-202864
In AzeoTech DAQFactory release 20.7 Build 2555, an Out-of-bounds Write vulnerability can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution or a system crash...
CISA Releases 12 Industrial Control Systems Advisories
CISA released 12 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-345-01 Johnson Controls iSTAR ICSA-25-345-02 Johnson Controls iSTAR Ultra ICSA-25-345-03 AzeoTech DAQFactor...
AzeoTech DAQFactory (Update A)
RISK EVALUATION Successful exploitation of these vulnerabilities requires an attacker to upload a malicious .ctl file. This could lead to information disclosure or arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...
AzeoTech DAQFactory 缓冲区错误漏洞
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a buffer overflow vulnerability that originates from accessing an uninitialized pointer and can be exploited by an attacker to...
AzeoTech DAQFactory 缓冲区错误漏洞
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from an out-of-bounds read vulnerability that originates from out-of-bounds reading of memory buffer data, which can be exploited b...