ID
VAR-202512-0018
CVE
CVE-2025-66588
TITLE
AzeoTech DAQFactory buffer overflow vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2025-30859
DESCRIPTION
In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of Uninitialized Pointer vulnerability can be exploited by an attacker which can lead to arbitrary code execution. AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, a US-based company, commonly used in industrial automation
Trust: 1.44
sources:
NVD: CVE-2025-66588 //
CNVD: CNVD-2025-30859
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2025-30859
AFFECTED PRODUCTS
| vendor: | azeotech | model: | daqfactory release (build | scope: | eq | version: | 20.72555) | Trust: 0.6 |
sources:
CNVD: CNVD-2025-30859
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2025-30859 //
NVD: CVE-2025-66588
PROBLEMTYPE DATA
| problemtype: | CWE-824 | Trust: 1.0 |
sources:
NVD: CVE-2025-66588
EXTERNAL IDS
| db: | NVD | id: | CVE-2025-66588 | Trust: 1.6 |
| db: | ICS CERT | id: | ICSA-25-345-03 | Trust: 1.6 |
| db: | CNVD | id: | CNVD-2025-30859 | Trust: 0.6 |
sources:
CNVD: CNVD-2025-30859 //
NVD: CVE-2025-66588
REFERENCES
| url: | https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03 | Trust: 1.6 |
sources:
CNVD: CNVD-2025-30859 //
NVD: CVE-2025-66588
SOURCES
| db: | CNVD | id: | CNVD-2025-30859 |
| db: | NVD | id: | CVE-2025-66588 |
LAST UPDATE DATE
2025-12-20T19:39:02.595000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2025-30859 | date: | 2025-12-17T00:00:00 |
| db: | NVD | id: | CVE-2025-66588 | date: | 2025-12-12T15:17:31.973 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2025-30859 | date: | 2025-12-17T00:00:00 |
| db: | NVD | id: | CVE-2025-66588 | date: | 2025-12-11T21:15:57.907 |