Daikin Europe N.V Security Gateway

Plan PatchCVSS 9.8ICS-CERT ICSA-25-254-10Sep 11, 2025

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Daikin Security Gateway App:_100_Frm:_214 contains a vulnerability (CWE-640) that allows an attacker to gain unauthorized access to the system without authentication. The vulnerability is remotely exploitable with low complexity. Daikin has stated they will not fix this issue.

What this means

What could happen

An attacker could gain unauthorized access to the Daikin Security Gateway, potentially compromising facility HVAC/climate control systems or any dependent processes that rely on secure gateway access. This could allow remote manipulation of building environmental controls or disruption of dependent mechanical systems.

Who's at risk

Facility managers and HVAC/mechanical contractors who operate Daikin Security Gateway appliances for climate control or building automation. This includes commercial building facilities, multi-tenant complexes, and any enterprise using Daikin gateway systems for centralized HVAC management.

How it could be exploited

An attacker on the network would send a crafted request to the Security Gateway on its network-accessible port. The gateway does not require valid credentials, allowing the attacker to authenticate and execute commands directly, bypassing all access controls.

Prerequisites

Network access to the Daikin Security Gateway device and its service port
No valid credentials required

remotely exploitableno authentication requiredlow complexityno patch availablecritical severity (CVSS 9.8)

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

Security Gateway: App:_100_Frm:_214App: 100 Frm: 214No fix (EOL)

Remediation & Mitigation

0/5

Do now

0/3

WORKAROUNDImplement network firewall rules to restrict access to the Daikin Security Gateway to only authorized administrative IP addresses or VLANs

HARDENINGIsolate the Daikin Security Gateway onto a separate network segment, keeping it off the general business network and not accessible from the internet

HARDENINGIf remote access is required, implement a VPN connection that requires multi-factor authentication to reach the gateway, ensuring the VPN software is kept fully patched

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HARDENINGMonitor network traffic to and from the Daikin Security Gateway for unusual connection patterns or commands that could indicate unauthorized access attempts

HARDENINGContact Daikin customer support to inquire about alternative products, migration paths, or extended support options, as this product will remain unpatched

CVEs (1)

CVE-2025-10127

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/12e0048b-48aa-4314-b635-d6012c857892

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.