CVE-2025-1242
Received Received - Intake
Administrative Credential Exposure in Gardyn IoT Hub via API and Firmware

Publication date: 2026-02-25

Last updated on: 2026-02-25

Assigner: ICS-CERT

Description
The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicious control.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-25
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-25
EPSS Evaluated
2026-06-15
NVD
CVE-2025-1242
EUVD
EUVD-2025-208113
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
gardyn gardyn_home From 619 (inc)
gardyn gardyn_mobile_app From 2.11.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the exposure of administrative credentials through multiple attack vectors including application API responses, reverse engineering of the mobile application, and reverse engineering of the device firmware.

An attacker exploiting this vulnerability could gain full administrative access to the Gardyn IoT Hub, which controls connected devices.

This means unauthorized users could potentially control the IoT devices managed by the Gardyn system.

Impact Analysis

If exploited, this vulnerability could allow an attacker to take full administrative control of the Gardyn IoT Hub.

  • Remote control of connected devices such as altering lighting or watering schedules.
  • Access to plant photos and limited personal information including name, address, phone number, and email address.

There was no exposure of app login credentials or home network Wi-Fi passwords, but users concerned about network security were advised to reset their Wi-Fi passwords as a precaution.

The vulnerability has been fully remediated with security updates that are automatically installed when devices connect to the Internet.

Compliance Impact

I don't know

Detection Guidance

Detection of this vulnerability involves checking for exposure of administrative credentials through application API responses, mobile application reverse engineering, or device firmware reverse engineering.

Users can verify if their Gardyn devices are running the patched firmware version 619 or later and if the Gardyn mobile app is updated to version 2.11.0 or later by checking the app under Settings β†’ Advanced.

No specific network or system commands are provided in the available resources to detect this vulnerability.

Mitigation Strategies

Immediate mitigation steps include ensuring that Gardyn devices are connected to the Internet to receive automatic firmware updates to version 619 or later.

Users should update the Gardyn mobile app to version 2.11.0 or later.

As a precaution, customers concerned about network exposure are advised to reset their Wi-Fi passwords.

Users can verify device and app versions via the Gardyn mobile app under Settings β†’ Advanced.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-1242. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart