Out-of-Bounds Read Vulnerability in AzeoTech DAQFactory Software
CVE-2025-66589

8.4HIGH

Key Information:

Vendor: Azeotech
Status: Daqfactory
Vendor: CVE Published:; 11 December 2025

What is CVE-2025-66589?

In AzeoTech DAQFactory version 20.7 (Build 2555), a vulnerability exists that allows an attacker to exploit an Out-of-Bounds Read. This occurs when the program attempts to read data beyond the allocated memory buffer, which could potentially lead to unauthorized information disclosure or even a system crash. The vulnerability underscores the importance of implementing robust memory management practices to mitigate such risks.

Affected Version(s)

DAQFactory 0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-3...

government-resource

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 11, 2025
Vulnerability Reserved
Dec 4, 2025

Credit

Michael Heinzl

JSON

Azeotech

What is CVE-2025-66589?

Affected Version(s)

References

CVSS V4

Timeline

Credit