Security Flaw Found in Industrial Monitoring Software Used by Some Businesses

CISA has announced a security vulnerability in AzeoTech DAQFactory, specialized software used to monitor and control industrial equipment like manufacturing systems, scientific instruments, and laboratory devices. The flaw could allow an attacker to upload malicious files that execute harmful code on the system. Versions up to and including 21.1 are affected. This is not something typical families need to worry about. DAQFactory is not consumer software found on home computers, phones, or tablets. It is used by factories, research labs, and industrial facilities to collect data from sensors and control machinery. Unless you work in an industrial setting or run a business that uses this specific monitoring software, your family is not affected by this vulnerability. If you do work at a facility that uses DAQFactory, you should take action. First, contact your IT department or system administrator immediately to make sure they are aware of this security issue. Second, do not open any .ctl files from unknown or untrusted sources, as these are the file type that could be used in an attack. Third, ask your IT team if your version of the software needs to be updated or if additional security measures should be put in place. Fourth, follow any instructions your employer provides about using the software safely until a fix is available.

For businesses using industrial control systems, this is a reminder to keep all specialized software updated and to restrict who can upload files to critical systems. Regular security audits of industrial equipment are important because these systems often connect to networks and can be entry points for attackers. Home users can take comfort knowing this particular issue does not affect typical family technology.