Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
AzeotechDaqfactory

14 matches found

CVE
CVEadded 2011/09/16 2:0 p.m.58 views

CVE-2011-3492

CVE-2011-3492 describes a stack-based buffer overflow in Azeotech DAQFactory (version 5.85 and earlier) triggered by a crafted NETB UDP packet to port 20034. The vulnerability allows remote denial of service and arbitrary code execution. Public exploit references exist (e.g., Metasploit module ta...

10CVSS8.1AI score0.70909EPSS
CVE
CVEadded 2021/11/05 3:39 p.m.57 views

CVE-2021-42698

CVE-2021-42698 affects DAQFactory (all versions 18.1 Build 2347 and earlier). The vulnerability arises from deserialization of project files stored as binary memory objects, allowing memory corruption if a crafted file is opened. ICSA-21-308-02 notes the issue exists in the Deserialization of Unt...

7.8CVSS7.5AI score0.00765EPSS
CVE
CVEadded 2017/09/09 1:0 a.m.49 views

CVE-2017-12699

CVE-2017-12699 affects AzeoTech DAQFactory prior to 17.1. Two vulnerabilities are described: (1) Incorrect Default Permissions (CWE-276) allowing local, non-administrative users to replace or modify application files with malicious ones; (2) Uncontrolled Search Path Element (CWE-427) that could e...

7.1CVSS6.8AI score0.00324EPSS
CVE
CVEadded 2021/11/05 3:39 p.m.49 views

CVE-2021-42699

CVE-2021-42699 affects DAQFactory, where cookie information can be transmitted in cleartext over HTTP. This enables an attacker who can capture network traffic to obtain a user’s cookie and potentially hijack the session. Connected sources indicate affected product is DAQFactory (all versions up ...

5.9CVSS5.7AI score0.0048EPSS
CVE
CVEadded 2021/11/05 3:39 p.m.47 views

CVE-2021-42701

CVE-2021-42701 relates to AzeoTech DAQFactory. A crafted project file can trigger a MiTM attempt by connecting to the cloud, potentially exposing credentials and enabling takeover of a user’s cloud account. Affected products: DAQFactory up to all versions 18.1 Build 2347 and earlier. Root cause d...

6.3CVSS5.7AI score0.0057EPSS
CVE
CVEadded 2009/12/30 9:0 p.m.46 views

CVE-2009-4480

CVE-2009-4480 affects AzeoTech DAQFactory 5.77. The issue is a buffer overflow in the web service that could let remote attackers execute arbitrary code via unspecified vectors, with exploitation demonstrated by a module in VulnDisco Pack Professional 7.16 through 8.11. The records from Red Hat a...

9.3CVSS8AI score0.03313EPSS
CVE
CVEadded 2017/09/09 1:0 a.m.46 views

CVE-2017-5147

CVE-2017-5147 describes an uncontrolled search path element vulnerability in AzeoTech DAQFactory before version 17.1. The issue allows a local attacker to have the program load a malicious DLL placed in the search path, potentially affecting integrity/availability. ICS-CERT/vulnerability details ...

5.3CVSS5.4AI score0.00337EPSS
CVE
CVEadded 2021/11/05 3:39 p.m.44 views

CVE-2021-42543

CVE-2021-42543 affects DAQFactory by AzeoTech. The vulnerability arises from Use of Inherently Dangerous Function (CWE-242) in DAQFactory project file handling, allowing a crafted project file to trigger code execution, potentially leading to system reboot or shutdown. Affected products: DAQFacto...

7.8CVSS7.6AI score0.00766EPSS
CVE
CVEadded 2011/07/28 6:0 p.m.41 views

CVE-2011-2956

CVE-2011-2956 affects AzeoTech DAQFactory before 5.85 (Build 1842), where networking signals are not authenticated, enabling remote attackers to trigger a DoS (system reboot/shutdown). The vulnerability is remotely exploitable via the DAQFactory networking feature. Public details confirm the impa...

7.8CVSS7.1AI score0.06742EPSS
CVE
CVEadded 2025/12/11 8:45 p.m.13 views

CVE-2025-66590

In DAQFactory release 20.7 (Build 2555) from AzeoTech, CVE-2025-66590 is described as an out-of-bounds write vulnerability that can cause writes past a memory buffer, potentially enabling arbitrary code execution or a system crash. Connected sources (NVD/Red Hat/ICS-CISA/etc.) corroborate the sam...

9.8CVSS7.6AI score0.00312EPSS
CVE
CVEadded 2025/12/11 8:54 p.m.12 views

CVE-2025-66586

Summary: CVE-2025-66586 affects AzeoTech DAQFactory 20.7 (Build 2555). The CTL file parsing code has a type-confusion vulnerability that can lead to memory corruption and remote code execution in the context of the current process. The ZDI advisories (ZDI-25-1132, -1131, -1133, -1134) describe th...

7.8CVSS7.3AI score0.0018EPSS
CVE
CVEadded 2025/12/11 8:48 p.m.12 views

CVE-2025-66589

CVE-2025-66589 affects AzeoTech DAQFactory 20.7 (Build 2555). The vulnerability is an out-of-bounds read in the DAQFactory runtime that can cause reading past the end of an allocated buffer, potentially leading to information disclosure or a crash. Public sources in the provided documents consist...

9.1CVSS6.1AI score0.00298EPSS
CVE
CVEadded 2025/12/11 8:56 p.m.10 views

CVE-2025-66585

CVE-2025-66585 affects AzeoTech DAQFactory release 20.7 (Build 2555). A Use-After-Free vulnerability during parsing of specially crafted .ctl files can cause memory corruption and may allow code execution in the current process. Vendor/ICS advisories confirm local attack Vector with high impact t...

7.8CVSS7.3AI score0.00193EPSS
CVE
CVEadded 2025/12/11 8:50 p.m.10 views

CVE-2025-66588

In AzeoTech DAQFactory 20.7 (Build 2555), CVE-2025-66588 is an Access of Uninitialized Pointer vulnerability (also described as memory corruption risks such as buffer overflows) that can lead to arbitrary code execution. Multiple sources (NVD entry and CNVD/Red Hat/ICS/CVE records) describe a mem...

9.8CVSS6.1AI score0.00242EPSS