CVE-2025-66589

9.1 CRITICAL

📋 TL;DR

An out-of-bounds read vulnerability in AzeoTech DAQFactory allows attackers to read memory beyond allocated buffers, potentially exposing sensitive information or causing program crashes. This affects DAQFactory 20.7 (Build 2555) users, particularly in industrial control systems where this software is used for data acquisition and control.

💻 Affected Systems

Products:
  • AzeoTech DAQFactory
Versions: Release 20.7 (Build 2555)
Operating Systems: Windows (primary platform for DAQFactory)
Default Config Vulnerable: ⚠️ Yes
Notes: This affects the specific build 2555 of version 20.7. Other versions may not be vulnerable.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Information disclosure of sensitive system memory contents, potentially including credentials, configuration data, or proprietary information, followed by system crash disrupting industrial operations.

🟠

Likely Case

Program instability leading to crashes and service disruption in industrial control environments, with potential for limited information leakage.

🟢

If Mitigated

Controlled crash without data leakage if proper memory protections are in place, but still causing service disruption.

🌐 Internet-Facing: MEDIUM - While the vulnerability is serious, DAQFactory is typically deployed on internal industrial networks rather than on directly internet-facing systems.
🏢 Internal Only: HIGH - Industrial control systems using vulnerable DAQFactory versions face significant risk from internal threats or compromised network segments.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Out-of-bounds read vulnerabilities typically require some knowledge of memory layout but can be exploited by sending specially crafted data to the application.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Later builds of DAQFactory 20.7 or newer versions

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03

Restart Required: Yes

Instructions:

1. Contact AzeoTech for updated version.
2. Download and install the patched version.
3. Restart DAQFactory services.
4. Verify the new version is running.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate DAQFactory systems from untrusted networks and users

Access Control Restrictions

all

Limit user access to DAQFactory systems to authorized personnel only

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate DAQFactory systems
  • Monitor system logs for abnormal behavior or crashes and implement compensating controls

🔍 How to Verify

Check if Vulnerable:

Check DAQFactory version in Help > About menu. If it shows 20.7 Build 2555, the system is vulnerable.

Check Version:

Check via DAQFactory GUI: Help > About menu

Verify Fix Applied:

After updating, verify the version in Help > About shows a version other than 20.7 Build 2555.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected DAQFactory crashes
  • Memory access violation errors in application logs
  • Abnormal termination of DAQFactory processes

Network Indicators:

  • Unusual network traffic patterns to DAQFactory ports
  • Multiple connection attempts to DAQFactory services

SIEM Query:

(EventID: 1000 OR EventID: 1001) AND ProcessName: "daqfactory.exe"

Event IDs 1000 and 1001 are application crash events. The parentheses make the process-name filter apply to both IDs.
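
The crash indicators listed above can also be checked directly on a Windows host. The following PowerShell is an added example, not AzeoTech or CISA code. The process name comes from the SIEM query on this page; the 7-day lookback, the three-events-per-hour threshold and the match on exception code c0000005 (the Windows access-violation status) are assumptions to adjust for your environment.

```powershell
# Added example: find DAQFactory crash events in the Windows Application log.
# Assumed values (not from the advisory): lookback window and burst threshold.
$ProcessName    = 'daqfactory.exe'          # image name used in the page's SIEM query
$Since          = (Get-Date).AddDays(-7)    # assumed lookback
$BurstThreshold = 3                         # assumed: crash events per hour worth alerting on

$filter = @{
    LogName   = 'Application'
    Id        = 1000, 1001                  # Application Error / Windows Error Reporting
    StartTime = $Since
}

# Get-WinEvent raises an error when nothing matches, so errors are silenced
# and an empty result is treated as "no crashes recorded".
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match [regex]::Escape($ProcessName) }

$report = @(foreach ($e in $events) {
    [pscustomobject]@{
        TimeCreated     = $e.TimeCreated
        Host            = $e.MachineName
        EventId         = $e.Id
        # c0000005 = STATUS_ACCESS_VIOLATION, the fault an invalid read usually produces
        AccessViolation = [bool]($e.Message -match 'c0000005')
        Summary         = ($e.Message -split "`r?`n")[0]
    }
})

if ($report.Count -eq 0) {
    Write-Output "No crash events for $ProcessName since $Since."
    return
}

$report | Sort-Object TimeCreated | Format-Table -AutoSize -Wrap

# Repeated crashes inside one hour are more suspicious than an isolated fault.
$bursts = $report |
    Group-Object { $_.TimeCreated.ToString('yyyy-MM-dd HH:00') } |
    Where-Object { $_.Count -ge $BurstThreshold }

foreach ($b in $bursts) {
    Write-Warning ("{0} crash events for {1} in the hour starting {2}" -f $b.Count, $ProcessName, $b.Name)
}
```

Run it from an elevated prompt on the DAQFactory host, or wrap it in `Invoke-Command` to sweep several hosts.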
