Sign-up

ID

VAR-202512-0021


CVE

CVE-2025-66584


TITLE

AzeoTech DAQFactory Stack Buffer Overflow Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-30856

DESCRIPTION

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, a US-based company, commonly used in industrial automation. AzeoTech DAQFactory contains a stack buffer overflow vulnerability. This vulnerability stems from a stack buffer overflow that occurs when parsing specially crafted .ctl files, allowing attackers to execute arbitrary code

Trust: 1.44

sources: NVD: CVE-2025-66584 // CNVD: CNVD-2025-30856

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-30856

AFFECTED PRODUCTS

vendor:azeotechmodel:daqfactory release (buildscope:eqversion:20.72555)

Trust: 0.6

sources: CNVD: CNVD-2025-30856

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2025-30856
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-30856
severity: MEDIUM
baseScore: 6.2
vectorString: AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 1.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2025-30856

EXTERNAL IDS

db:NVDid:CVE-2025-66584

Trust: 1.6

db:ICS CERTid:ICSA-25-345-03

Trust: 0.6

db:CNVDid:CNVD-2025-30856

Trust: 0.6

sources: CNVD: CNVD-2025-30856 // NVD: CVE-2025-66584

REFERENCES

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03

Trust: 0.6

sources: CNVD: CNVD-2025-30856

SOURCES

db:CNVDid:CNVD-2025-30856
db:NVDid:CVE-2025-66584

LAST UPDATE DATE

2026-01-14T23:36:27.211000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-30856date:2025-12-17T00:00:00
db:NVDid:CVE-2025-66584date:2025-12-30T20:16:00.837

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-30856date:2025-12-17T00:00:00
db:NVDid:CVE-2025-66584date:2025-12-11T21:15:57.263