OTPulse

AzeoTech DAQFactory Networking Vulnerabilities

MonitorCVSS 7.5ICS-CERT ICSA-11-122-01Feb 2, 2011
Attack path
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

AzeoTech DAQFactory contains networking vulnerabilities in its network communication handling. All versions of DAQFactory Standard, Pro, Developer, and Runtime are affected. The vulnerabilities stem from improper input validation in the networking layer (CWE-287: Improper Authentication), allowing remote, unauthenticated denial of service attacks. An attacker can send crafted network packets to crash or hang the networking component, disrupting data acquisition and inter-system communication. CISA states no vendor fix is currently available for any affected product version.

What this means
What could happen
An attacker with network access to a DAQFactory system could cause a denial of service, disrupting data acquisition and process monitoring functions that depend on the networking layer.
Who's at risk
Water utilities and electric power systems using DAQFactory for data acquisition and SCADA monitoring should review their network architecture and access controls. This affects facilities relying on DAQFactory Standard, Pro, Developer, or Runtime editions for supervisory control, sensor data collection, or process monitoring.
How it could be exploited
An attacker on the network sends malformed or specially crafted network packets to a DAQFactory system. The system fails to properly validate these inputs, causing the networking component to crash or become unresponsive. This disrupts the system's ability to communicate with field devices or send data to supervisory systems.
Prerequisites
  • Network access to the DAQFactory system
  • No credentials required
remotely exploitableno authentication requiredlow complexityno patch availableaffects monitoring and control systems
Exploitability
Some exploitation risk — EPSS score 5.8%
Affected products (4)
4 EOL
ProductAffected VersionsFix Status
DAQFactory Standard: vers:all/*All versionsNo fix (EOL)
DAQFactory Developer: vers:all/*All versionsNo fix (EOL)
DAQFactory Runtime: vers:all/*All versionsNo fix (EOL)
DAQFactory Pro: vers:all/*All versionsNo fix (EOL)
Remediation & Mitigation
0/3
Do now
0/2
HARDENINGIsolate DAQFactory systems on a segmented network or VLAN with strict firewall rules limiting inbound traffic to only required sources and ports
WORKAROUNDImplement network-level monitoring to detect and block malformed packets or unusual traffic patterns directed at DAQFactory systems
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HARDENINGContact AzeoTech to confirm whether patches or security updates are planned, and establish a timeline for vendor support
View full CISA ICS-CERT advisory
API: /api/v1/advisories/10d0ee6f-eff5-4d20-b108-fc63e01fbad7

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.