EUVD-2025-28991

Malicious code in bioql PyPI...

CVE-2025-10127

Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...

CVE-2025-10127

Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...

CVE-2025-10127

CVE-2025-10127 affects Daikin Europe N.V Security Gateway. The vulnerability is an authorization bypass caused by a user-controlled key, allowing an unauthenticated attacker to access the system. Documented across multiple vendors and advisories (e.g., Red Hat, NVD, CISA ICS), with high severity ...

CVE-2025-10127 Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password

Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...

CVE-2025-10127 Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password

Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...

CISA Releases Eleven Industrial Control Systems Advisories

CISA released eleven Industrial Control Systems ICS advisories on September 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-254-01 Siemens SIMOTION Tools ICSA-25-254-02 Siemens SIMATIC Virtualization as a...

Daikin Security Gateway 授权问题漏洞

Daikin Security Gateway is a gateway device for remote management of systems from Daikin Japan. An authorization issue vulnerability exists in Daikin Security Gateway that stems from a user control key causing an authorization bypass that could lead to unauthorized system access...

PT-2025-37264

Name of the Vulnerable Software and Affected Versions: Daikin Security Gateway affected versions not specified Description: The Daikin Security Gateway is susceptible to an authorization bypass. An attacker can bypass authentication and gain access to the system without valid credentials through ...

Daikin Security Gateway 14 - Remote Password Reset

Daikin Security Gateway 214 - Remote Password Reset Vendor: Daikin Industries, Ltd. Product web page: https://www.daikin.com https://www.daikin.eu/enus/products/product.html/DRGATEWAYAA.html Affected version: App: 100, Frm: 214 Summary: The Security gateway allows the iTM and LC8 controllers to...

📄 Daikin Security Gateway 214 Remote Password Reset

The Daikin Security Gateway exposes a critical vulnerability in its password reset API endpoint. Due to an insecure direct object reference IDOR flaw, an unauthenticated attacker can send a crafted POST request to this endpoint, bypassing authentication mechanisms. Successful exploitation resets...

Daikin Security Gateway v214 Remote Password Reset

Summary The Security gateway allows the iTM and LC8 controllers to connect through the Security gateway to the Daikin Cloud Service. Instead of sending the report to the router directly, the iTM or LC8 controller sends the report to the Security gateway first. The Security gateway transforms the...