CVE-2025-29628

A Gardyn Azure IoT Hub connection string is downloaded over an insecure HTTP connection in Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 leaving the string vulnerable to interception and modification through a Man-in-the-Middle attack. This may result in the attacker capturing device credentials or taking control of vulnerable home kits.

CVSS v3 9.4 CRITICAL

9.4^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://github.com/mselbrede/gardyn/blob/main/CVE-2025-29628_CVE-2025-29631.md
https://mygardyn.com/blog/security-update/
https://www.cisa.gov/news-events/ics-advisories/icsa-26-055-03

Configurations

No configuration.

History

No history.

Information

Published : 2025-07-25 17:15

Updated : 2026-02-25 21:16

NVD link : CVE-2025-29628

Mitre link : CVE-2025-29628

CVE.ORG link : CVE-2025-29628

JSON object : View

Products Affected

No product.

CWE

CWE-924

Improper Enforcement of Message Integrity During Transmission in a Communication Channel

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2025-29628", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.4, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.5, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2025-07-25T17:15:31.027", "references": [{"url": "https://github.com/mselbrede/gardyn/blob/main/CVE-2025-29628_CVE-2025-29631.md", "source": "cve@mitre.org"}, {"url": "https://mygardyn.com/blog/security-update/", "source": "cve@mitre.org"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-055-03", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cve@mitre.org", "description": [{"lang": "en", "value": "CWE-924"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "A Gardyn Azure IoT Hub connection string is downloaded over an insecure HTTP connection in Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 leaving the string vulnerable to interception and modification through a Man-in-the-Middle attack. This may result in the attacker capturing device credentials or taking control of vulnerable home kits."}, {"lang": "es", "value": "Un problema en Gardyn 4 permite que un atacante remoto obtenga informaci\u00f3n confidencial y ejecute c\u00f3digo arbitrario a trav\u00e9s de una solicitud."}], "lastModified": "2026-02-25T21:16:31.323", "sourceIdentifier": "cve@mitre.org"}