AzeoTech DAQFactory Vulnerability Advisory

AzeoTech DAQFactory Vulnerability Advisory 🚨

CISA has published an advisory regarding a critical vulnerability in AzeoTech DAQFactory. Successful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files, potentially leading to arbitrary code execution. The affected versions are DAQFactory <= 21.1 (CVE-2026-12390).

Key Details:

• Vulnerability Type: Type Confusion
• CWE: CWE-843 Access of Resource Using Incompatible Type (‘Type Confusion’)
• Affected Sector: Critical Manufacturing
• Exploitation: Not exploitable remotely

Recommendations:

• Avoid using documents from unknown or untrusted sources.
• Store .ctl files in a folder that is only writable by admin-level users.
• Operate in Safe Mode when loading documents that are out of your control.
• Apply a document editing password to your documents.

CISA recommends taking defensive measures to minimize the risk of exploitation:

• Minimize network exposure for all control system devices.
• Ensure they are not accessible from the internet.
• Use firewalls to isolate control system networks from business networks.
• When remote access is necessary, utilize secure methods like Virtual Private Networks (VPNs).

Organizations should perform proper impact analysis and risk assessment before deploying defensive measures. If you observe any suspicious activity, follow your internal procedures and report findings to CISA for tracking and correlation against other incidents.

For more detailed information, you can read the full advisory here: Read full article