CVE-2025-66588CRITICAL 7.8EPSS p15.1%

CVE-2025-66588CVE-2025-66588

azeotech / daqfactory

Description

In AzeoTech DAQFactory release 20.7 (Build 2555), an access of uninitialized pointer vulnerability can be exploited by an attacker which can lead to arbitrary code execution.

Scoring

CVSS 3.17.8 (CRITICAL)
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS0.24% probability of exploitation · percentile 15.1% · 2026-06-21T12:00:28Z
Published2025-12-11
Last modified2026-06-04

Underlying weaknesses· 1

CWE-824

References

  1. https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03

1

TypeTargetConfidenceTier
WeaknessAccess of Uninitialized Pointercwe-8240%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-66586
CVE
CVE-2025-66590
CVE
CVE-2025-66585
CVE
CVE-2025-66589
CVE
Dassault Systèmes DELMIA Apriso Code Injection Vulnerability
CVE
Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.