Use After Free Vulnerability in AzeoTech DAQFactory
CVE-2026-12921
8.4HIGH
What is CVE-2026-12921?
AzeoTech DAQFactory versions 21.1 and earlier contain a Use After Free vulnerability that enables attackers to manipulate specially crafted .ctl files. Exploiting this flaw may result in unauthorized code execution, presenting significant security risks to affected systems. Users are advised to review their deployment of DAQFactory and apply appropriate security measures.
Affected Version(s)
DAQFactory 0 <= 21.1
References
CVSS V4
Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rocco Calvi (@TecR0c) with TecSecurity
rgod working with TrendAI Zero Day Initiative