OTPulse
FeedAboutContact

AzeoTech DAQFactory

Plan Patch7.1ICS-CERT ICSA-17-241-01Aug 29, 2017
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary

AzeoTech DAQFactory versions prior to 17.1 contain privilege escalation vulnerabilities (CWE-276: Incorrect Default Permissions, CWE-427: Uncontrolled Search Path Element). These vulnerabilities allow a local user with basic privileges to gain elevated access or execute arbitrary code on the system running DAQFactory. The vulnerabilities are triggered through improper permission handling and search path manipulation during the application's execution.

What this means
What could happen
A local user on a DAQFactory workstation could escalate privileges and execute commands with elevated access, potentially allowing them to modify process configurations, alter logged data, or compromise the integrity of monitoring and control operations that depend on DAQFactory.
Who's at risk
This affects organizations using DAQFactory for process monitoring and data acquisition in manufacturing, utilities, and other control system environments. Specifically, it impacts any engineering workstation or server running DAQFactory versions before 17.1 where local users have access.
How it could be exploited
An attacker with user-level access to a workstation running DAQFactory can exploit improper file permissions or search path handling to escalate privileges. By manipulating files or the application's search path, the attacker can execute code with higher privileges than their current user account, gaining the ability to modify DAQFactory configurations or system files.
Prerequisites
  • Local access to a workstation running DAQFactory
  • User-level privileges on the host system
  • DAQFactory version prior to 17.1 installed
Requires local access (reduces risk but increases insider threat concern)User-level privileges needed (easier for low-privilege users to exploit)Affects system integrity and process configuration
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
DAQFactory:< 17.117.1
Remediation & Mitigation
0/3
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade DAQFactory to version 17.1 or later
Long-term hardening
0/2
HARDENINGRestrict physical and remote access to DAQFactory engineering workstations to authorized personnel only
HARDENINGImplement application whitelisting and file integrity monitoring on DAQFactory hosts to detect unauthorized privilege escalation attempts
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/615768e6-e606-462e-8720-c46544fe33ff
AzeoTech DAQFactory | CVSS 7.1 - OTPulse