CVE-2025-29628
Gardyn 4 - Info Disclosure, RCE
Severity: CRITICAL
A Gardyn Azure IoT Hub connection string is downloaded over an insecure HTTP connection in Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026, leaving the string vulnerable to interception and modification through a man-in-the-middle attack. This may result in the attacker capturing device credentials or taking control of vulnerable home kits.
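The following is an added example, not Gardyn's code and not taken from any of the affected components. It shows why a plaintext-fetched Azure IoT Hub device connection string is a takeover primitive: the string carries the device's SharedAccessKey, and an on-path attacker who can rewrite the HostName field redirects the device to a hub they control. The field names are Azure's documented connection-string keys; the sample string, URLs and hostnames are constructed for illustration.

```python
"""Added example (not Gardyn's code): an Azure IoT Hub device connection
string fetched over plain HTTP, the transport check that should gate its use,
and a simulated on-path rewrite of the HostName field."""
import urllib.parse

# Azure IoT Hub device connection strings are ';'-separated key=value pairs.
REQUIRED_KEYS = ("HostName", "DeviceId", "SharedAccessKey")


def parse_connection_string(cs: str) -> dict:
    """Parse 'HostName=...;DeviceId=...;SharedAccessKey=...' into a dict.
    Raises ValueError on a malformed segment or a missing required key."""
    fields = {}
    for part in cs.strip().rstrip(";").split(";"):
        if "=" not in part:
            raise ValueError(f"malformed segment: {part!r}")
        key, value = part.split("=", 1)
        fields[key.strip()] = value.strip()
    missing = [k for k in REQUIRED_KEYS if k not in fields]
    if missing:
        raise ValueError(f"missing keys: {missing}")
    return fields


def is_valid_connection_string(cs: str) -> bool:
    """Boolean wrapper around parse_connection_string for callers that
    prefer a check to an exception."""
    try:
        parse_connection_string(cs)
        return True
    except ValueError:
        return False


def transport_is_acceptable(url: str) -> bool:
    """A credential must only be fetched over TLS: scheme 'https' and a
    non-empty host. A plain 'http://' URL is the flaw in CVE-2025-29628."""
    u = urllib.parse.urlsplit(url)
    return u.scheme == "https" and bool(u.hostname)


def accept_fetched_credential(url: str, body: str) -> dict:
    """Hardened acceptance: refuse the credential outright unless it arrived
    over an acceptable transport, then validate its contents. (Assumed
    policy for this example; the TLS handshake itself is done by the HTTP
    client with certificate verification enabled.)"""
    if not transport_is_acceptable(url):
        raise ValueError(f"refusing credential fetched over {url!r}")
    return parse_connection_string(body)


def mitm_rewrite(cs: str, attacker_host: str) -> str:
    """Simulate an on-path attacker rewriting HostName in an intercepted
    plaintext response. The device then authenticates to the attacker's hub
    with its real SharedAccessKey, which is how interception turns into
    control of the device. (Constructed simulation, not a captured exchange.)"""
    fields = parse_connection_string(cs)
    fields["HostName"] = attacker_host
    return ";".join(f"{k}={v}" for k, v in fields.items())


# Constructed sample; the key is base64 filler, not a real credential.
SAMPLE_CS = ("HostName=example-hub.azure-devices.net;"
             "DeviceId=device-0001;"
             "SharedAccessKey=QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=")

# Constructed endpoints: the first is the vulnerable pattern, the second the fix.
PLAINTEXT_URL = "http://api.example.com/v1/device/connection-string"
TLS_URL = "https://api.example.com/v1/device/connection-string"


if __name__ == "__main__":
    print("plaintext fetch accepted:", transport_is_acceptable(PLAINTEXT_URL))
    print("TLS fetch accepted:", transport_is_acceptable(TLS_URL))
    print("rewritten by MITM:", mitm_rewrite(SAMPLE_CS, "hub.attacker.example"))
```

The point of `accept_fetched_credential` is ordering: the transport check runs before the body is even parsed, so a plaintext response never reaches the code that would store or use the SharedAccessKey.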
Scores
CVSS v3: 9.4
EPSS: 0.0003
EPSS Percentile: 7.7%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Details
CWE: CWE-200, CWE-77, CWE-924
Status: published
Products (1): Gardyn/Home Kit Firmware < master.619
Published: Jul 25, 2025
Tracked Since: Feb 18, 2026