You are here

AzeoTech DAQFactory (ICSA-17-241-01) – Product Used in Energy and Water and Wastewater Systems Sectors

AzeoTech DAQFactory (ICSA-17-241-01) – Product Used in Energy and Water and Wastewater Systems Sectors

Created: Wednesday, August 30, 2017 - 12:10
Categories:
Cyber Security, Federal & State Resources

ICS-CERT has posted an advisory on AzeoTech DAQFactory vulnerabilities. DAQFactory versions prior to 17.1 are affected. Successful exploitation of these vulnerabilities could allow authenticated system users to escalate their privileges and modify or replace application files. According to AzeoTech, the newest version (Version 17.1) gives write privileges only to administrators and no longer searches for dlls outside of the application directory. ICS-CERT.