Sign-up

ID

VAR-202512-0023


CVE

CVE-2025-66586


TITLE

AzeoTech DAQFactory CTL File Parsing Type Confusion Remote Code Execution Vulnerability

Trust: 2.8

sources: ZDI: ZDI-25-1134 // ZDI: ZDI-25-1133 // ZDI: ZDI-25-1132 // ZDI: ZDI-25-1131

DESCRIPTION

In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of Resource Using Incompatible Type vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of CTL files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition

Trust: 3.42

sources: NVD: CVE-2025-66586 // ZDI: ZDI-25-1134 // ZDI: ZDI-25-1133 // ZDI: ZDI-25-1132 // ZDI: ZDI-25-1131

AFFECTED PRODUCTS

vendor:azeotechmodel:daqfactoryscope: - version: -

Trust: 2.8

sources: ZDI: ZDI-25-1134 // ZDI: ZDI-25-1133 // ZDI: ZDI-25-1132 // ZDI: ZDI-25-1131

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2025-66586
value: HIGH

Trust: 2.8

ics-cert@hq.dhs.gov: CVE-2025-66586
value: HIGH

Trust: 1.0

ZDI: CVE-2025-66586
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 2.8

sources: ZDI: ZDI-25-1134 // ZDI: ZDI-25-1133 // ZDI: ZDI-25-1132 // ZDI: ZDI-25-1131 // NVD: CVE-2025-66586

PROBLEMTYPE DATA

problemtype:CWE-843

Trust: 1.0

sources: NVD: CVE-2025-66586

PATCH

title:AzeoTech has issued an update to correct this vulnerability.url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03

Trust: 2.8

sources: ZDI: ZDI-25-1134 // ZDI: ZDI-25-1133 // ZDI: ZDI-25-1132 // ZDI: ZDI-25-1131

EXTERNAL IDS

db:NVDid:CVE-2025-66586

Trust: 3.8

db:ICS CERTid:ICSA-25-345-03

Trust: 1.0

db:ZDI_CANid:ZDI-CAN-26883

Trust: 0.7

db:ZDIid:ZDI-25-1134

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-25515

Trust: 0.7

db:ZDIid:ZDI-25-1133

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-25513

Trust: 0.7

db:ZDIid:ZDI-25-1132

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-27523

Trust: 0.7

db:ZDIid:ZDI-25-1131

Trust: 0.7

sources: ZDI: ZDI-25-1134 // ZDI: ZDI-25-1133 // ZDI: ZDI-25-1132 // ZDI: ZDI-25-1131 // NVD: CVE-2025-66586

REFERENCES

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03

Trust: 3.8

sources: ZDI: ZDI-25-1134 // ZDI: ZDI-25-1133 // ZDI: ZDI-25-1132 // ZDI: ZDI-25-1131 // NVD: CVE-2025-66586

CREDITS

Rocco Calvi (@TecR0c) with TecSecurity

Trust: 1.4

sources: ZDI: ZDI-25-1134 // ZDI: ZDI-25-1131

SOURCES

db:ZDIid:ZDI-25-1134
db:ZDIid:ZDI-25-1133
db:ZDIid:ZDI-25-1132
db:ZDIid:ZDI-25-1131
db:NVDid:CVE-2025-66586

LAST UPDATE DATE

2025-12-20T19:39:02.634000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-25-1134date:2025-12-17T00:00:00
db:ZDIid:ZDI-25-1133date:2025-12-17T00:00:00
db:ZDIid:ZDI-25-1132date:2025-12-17T00:00:00
db:ZDIid:ZDI-25-1131date:2025-12-17T00:00:00
db:NVDid:CVE-2025-66586date:2025-12-12T15:17:31.973

SOURCES RELEASE DATE

db:ZDIid:ZDI-25-1134date:2025-12-17T00:00:00
db:ZDIid:ZDI-25-1133date:2025-12-17T00:00:00
db:ZDIid:ZDI-25-1132date:2025-12-17T00:00:00
db:ZDIid:ZDI-25-1131date:2025-12-17T00:00:00
db:NVDid:CVE-2025-66586date:2025-12-11T21:15:57.583