9.8
CVE-2025-66588
- EPSS 0.24%
- Veröffentlicht 11.12.2025 20:50:39
- Zuletzt bearbeitet 04.06.2026 21:16:29
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
Access of Uninitialized Pointer vulnerability in AzeoTech DAQFactory
In AzeoTech DAQFactory release 20.7 (Build 2555), an access of uninitialized pointer vulnerability can be exploited by an attacker which can lead to arbitrary code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Azeotech ≫ Daqfactory Version < 21.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.151 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| ics-cert@hq.dhs.gov | 8.4 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| ics-cert@hq.dhs.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-824 Access of Uninitialized Pointer
The product accesses or uses a pointer that has not been initialized.
https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-345-03.json