ID

VAR-202512-0022


CVE

CVE-2025-66585


TITLE

AzeoTech DAQFactory CTL File Parsing Use-After-Free Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-25-1128

DESCRIPTION

In AzeoTech DAQFactory release 20.7 (Build 2555), a Use After Free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CTL files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, a US-based company, commonly used in industrial automation. AzeoTech DAQFactory contains a use-after-free vulnerability.

Trust: 2.07

sources: NVD: CVE-2025-66585 // ZDI: ZDI-25-1128 // CNVD: CNVD-2025-30857

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-30857

AFFECTED PRODUCTS

vendor: azeotech, model: daqfactory, scope: -, version: -

Trust: 0.7

vendor: azeotech, model: daqfactory release (build, scope: eq, version: 20.72555)

Trust: 0.6

sources: ZDI: ZDI-25-1128 // CNVD: CNVD-2025-30857

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov: CVE-2025-66585
value: HIGH

Trust: 1.0

ZDI: CVE-2025-66585
value: HIGH

Trust: 0.7

CNVD: CNVD-2025-30857
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-30857
severity: MEDIUM
baseScore: 6.2
vectorString: AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 1.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

ZDI: CVE-2025-66585
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-25-1128 // CNVD: CNVD-2025-30857 // NVD: CVE-2025-66585

PROBLEMTYPE DATA

problemtype: CWE-416

Trust: 1.0

sources: NVD: CVE-2025-66585

PATCH

title: AzeoTech has issued an update to correct this vulnerability.
url: https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03

Trust: 0.7

sources: ZDI: ZDI-25-1128

EXTERNAL IDS

db: NVD, id: CVE-2025-66585

Trust: 2.3

db: ICS CERT, id: ICSA-25-345-03

Trust: 1.6

db: ZDI_CAN, id: ZDI-CAN-25514

Trust: 0.7

db: ZDI, id: ZDI-25-1128

Trust: 0.7

db: CNVD, id: CNVD-2025-30857

Trust: 0.6

sources: ZDI: ZDI-25-1128 // CNVD: CNVD-2025-30857 // NVD: CVE-2025-66585

REFERENCES

url: https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03

Trust: 2.3

sources: ZDI: ZDI-25-1128 // CNVD: CNVD-2025-30857 // NVD: CVE-2025-66585

CREDITS

Andrea Micalizzi aka rgod (@rgod777)

Trust: 0.7

sources: ZDI: ZDI-25-1128

SOURCES

db: ZDI, id: ZDI-25-1128
db: CNVD, id: CNVD-2025-30857
db: NVD, id: CVE-2025-66585

LAST UPDATE DATE

2025-12-20T19:39:02.612000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-25-1128, date: 2025-12-17T00:00:00
db: CNVD, id: CNVD-2025-30857, date: 2025-12-17T00:00:00
db: NVD, id: CVE-2025-66585, date: 2025-12-12T15:17:31.973

SOURCES RELEASE DATE

db: ZDI, id: ZDI-25-1128, date: 2025-12-17T00:00:00
db: CNVD, id: CNVD-2025-30857, date: 2025-12-17T00:00:00
db: NVD, id: CVE-2025-66585, date: 2025-12-11T21:15:57.430