Primary

Context

AzeoTech DAQFactory Access of Uninitialized Pointer Vulnerability Leading to Arbitrary Code Execution

Vulnerability

Patched

A vulnerability allowing access of uninitialized pointers has been identified in AzeoTech DAQFactory version 20.7 (Build 2555) and prior. This vulnerability can be exploited by an attacker, potentially leading to arbitrary code execution.

Impact

Exploitation of this vulnerability can result in arbitrary code execution on the affected system.

Remediation

AzeoTech has released DAQFactory version 21.1 to address this vulnerability. Users are also advised to avoid using documents from untrusted sources, store .ctl files in a secure location, operate in 'Safe Mode' when handling unknown documents, and apply a document editing password to their files.

Added: Dec 11, 2025, 9:19 PM

Updated: Dec 11, 2025, 9:19 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

10.0

exploitability

7.8

remediation

7.9

relevance

1.4

threat

0.0

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

10.0

exploitability

7.8

remediation

7.9

relevance

1.4

threat

0.0

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AzeoTech DAQFactory Access of Uninitialized Pointer Vulnerability Leading to Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

AzeoTech DAQFactory

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating