CISA 2026-06-18

AzeoTech DAQFactory

CVE-2026-12390

Machine-generated analysis · WAYSCloud LLM

The advisory states that loading untrusted .ctl files in AzeoTech DAQFactory <=21.1 may lead to arbitrary code execution due to a type confusion vulnerability.

Context

AzeoTech DAQFactory is a data acquisition and control software used in industrial environments. The advisory identifies a type confusion vulnerability in versions 21.1 and prior that can be triggered by specially crafted .ctl files, potentially resulting in code execution. The vulnerability requires user interaction to load a malicious file, as indicated by the CVSS vector. The product is reportedly deployed worldwide and is associated with the critical manufacturing sector.

Operator considerations

Check: Inventory instances of AzeoTech DAQFactory to identify installations at version 21.1 or earlier.
Isolate: Restrict access to directories containing .ctl files to admin-level users only.
Patch: No patch is mentioned; the advisory provides only mitigation guidance.
Log: Monitor for unauthorized attempts to modify or load .ctl files, if logging capabilities exist.

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files that may lead to arbitrary code execution.

The following versions of AzeoTech DAQFactory are affected:

DAQFactory

Read the full advisory on CISA →