Authentication Bypass Vulnerability in AzeoTech DAQFactory Software
CVE-2011-2956

Currently unrated

Key Information:

Vendor

Azeotech

Status
Daqfactory
Vendor
CVE Published:
28 July 2011

What is CVE-2011-2956?

The AzeoTech DAQFactory software, prior to version 5.85 (Build 1842), exhibits a significant vulnerability where it fails to authenticate certain signals. This weakness permits remote attackers to exploit the system, resulting in a denial of service through unexpected reboots or shutdowns. The lack of proper authentication mechanisms on critical signals poses a serious risk to operational stability and can disrupt normal functioning.

References

http://www.us-cert.gov/control_systems/pdf/ICSA-11-122-01...
x_refsource_MISC
http://www.azeotech.com/revisionhistory.php
x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.