AzeoTech DAQFactory CTL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

AzeoTech DAQFactory CTL File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

AzeoTech DAQFactory CTL File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

AzeoTech DAQFactory Memory Corruption Vulnerability

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a memory corruption vulnerability that exists when parsing a specially crafted .ctl file and can be exploited by an attacker t...

CVE-2025-66585

In AzeoTech DAQFactory release 20.7 Build 2555, a use after free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process...

CVE-2025-66586

In AzeoTech DAQFactory release 20.7 Build 2555, an Access of Resource Using Incompatible Type vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process...

AzeoTech DAQFactory (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities requires an attacker to upload a malicious .ctl file. This could lead to information disclosure or arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

编号撤回

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a memory corruption vulnerability that exists when parsing a specially crafted .ctl file and can be exploited by an attacker t...

CVE-2014-0737

The Cisco Unified IP Phone 7960G 9.21 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66795...

Authentication flaw

The Cisco Unified IP Phone 7960G 9.21 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66795...