CVE-2025-66586 HIGH

CVE-2025-66586: Type Confusion vulnerability in AzeoTech DAQFactory

Vendor Azeotech
Product DAQFactory
Weakness CWE-843
Published December 11, 2025
Last update June 4, 2026

CVSS base score

7.3/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

In AzeoTech DAQFactory release 20.7 (Build 2555), an access of resource using incompatible type vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process.

Key dates

02Disclosure timeline

December 11, 2025 CVE published
June 4, 2026 Record updated