Galaxy Watch
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-20946 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2025 | Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction. | ||
| CVE-2026-21019 | Hig | 0.56 | — | 0.00 | May 13, 2026 | Improper input validation in FacAtFunction in Galaxy Watch prior to SMR May-2026 Release 1 allows local attacker to execute arbitrary code with system privilege. | ||
| CVE-2024-34681 | Med | 0.43 | 6.6 | 0.00 | Nov 6, 2024 | Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch. | ||
| CVE-2025-21013 | Med | 0.40 | 6.2 | 0.00 | Aug 6, 2025 | Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time. | ||
| CVE-2025-20910 | Med | 0.40 | 6.2 | 0.00 | Mar 6, 2025 | Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery. | ||
| CVE-2025-21012 | Med | 0.36 | 5.5 | 0.00 | Aug 6, 2025 | Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration. | ||
| CVE-2025-21011 | Med | 0.36 | 5.5 | 0.00 | Aug 6, 2025 | Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors. | ||
| CVE-2025-20986 | Med | 0.36 | 5.5 | 0.00 | Jun 4, 2025 | Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots. | ||
| CVE-2024-49412 | Med | 0.36 | 5.5 | 0.00 | Dec 3, 2024 | Improper input validation in Settings prior to SMR Dec-2024 Release 1 allows local attackers to broadcast signal for discovering Bluetooth on Galaxy Watch. | ||
| CVE-2021-25420 | Med | 0.36 | 5.5 | 0.00 | Jun 11, 2021 | Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | ||
| CVE-2025-20956 | Med | 0.28 | 4.3 | 0.00 | May 7, 2025 | Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings. | ||
| CVE-2022-25827 | Low | 0.12 | 1.9 | 0.00 | Mar 10, 2022 | Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log | ||
| CVE-2022-25823 | Low | 0.12 | 1.9 | 0.00 | Mar 10, 2022 | Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log. | ||
| CVE-2025-20997 | 0.00 | — | 0.00 | Jul 8, 2025 | Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch. |
- risk 0.57cvss 8.8epss 0.00
Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction.
- risk 0.56cvss —epss 0.00
Improper input validation in FacAtFunction in Galaxy Watch prior to SMR May-2026 Release 1 allows local attacker to execute arbitrary code with system privilege.
- risk 0.43cvss 6.6epss 0.00
Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch.
- risk 0.40cvss 6.2epss 0.00
Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time.
- risk 0.40cvss 6.2epss 0.00
Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery.
- risk 0.36cvss 5.5epss 0.00
Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration.
- risk 0.36cvss 5.5epss 0.00
Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors.
- risk 0.36cvss 5.5epss 0.00
Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots.
- risk 0.36cvss 5.5epss 0.00
Improper input validation in Settings prior to SMR Dec-2024 Release 1 allows local attackers to broadcast signal for discovering Bluetooth on Galaxy Watch.
- risk 0.36cvss 5.5epss 0.00
Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.
- risk 0.28cvss 4.3epss 0.00
Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings.
- risk 0.12cvss 1.9epss 0.00
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log
- risk 0.12cvss 1.9epss 0.00
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log.
- CVE-2025-20997Jul 8, 2025risk 0.00cvss —epss 0.00
Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.