Sensitive Information Exposure in Gardyn 4 by Remote Attackers
CVE-2025-29628

9.4CRITICAL

Key Information:

Vendor

Gardyn

Status
Home Kit Firmware
Vendor
CVE Published:
25 July 2025

What is CVE-2025-29628?

A vulnerability in Gardyn 4 allows remote attackers to exploit the system by sending specially crafted requests. This may enable them to access sensitive information and execute arbitrary code, posing significant security risks to users of the product.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Home Kit Firmware 0

References

https://github.com/mselbrede/gardyn/blob/main/CVE-2025-29...
https://www.cisa.gov/news-events/ics-advisories/icsa-26-0...
https://mygardyn.com/blog/security-update/

CVSS V3.1

Score:
9.4
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.