Critical severity9.1NVD Advisory· Published Jul 25, 2025· Updated Apr 15, 2026

CVE-2025-29629

Description

Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 use weak default credentials for secure shell access. This may result in attackers gaining access to exposed Gardyn Home Kits.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/mselbrede/gardyn/blob/main/CVE-2025-29629.mdnvd
mygardyn.com/blog/security-update/nvd
www.cisa.gov/news-events/ics-advisories/icsa-26-055-03nvd

News mentions

No linked articles in our index yet.

cvss	0.591
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000