Skip to main content

Wear Os CVE-2025-21004

| EUVDEUVD-2025-20441 MEDIUM
Improper Verification of Cryptographic Signature (CWE-347)
2025-07-08 mobile.security@samsung.com
6.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.2 MEDIUM
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 16, 2026 - 04:21 euvd
EUVD-2025-20441
Analysis Generated
Mar 16, 2026 - 04:21 vuln.today
CVE Published
Jul 08, 2025 - 11:15 nvd
MEDIUM 6.2

DescriptionCVE.org

Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.

Analysis

Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.

Technical ContextAI

This vulnerability is classified as Improper Verification of Cryptographic Signature (CWE-347).

RemediationAI

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

CVE-2025-20946 HIGH
8.8 Apr 08

Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prio

CVE-2025-20984 MEDIUM
6.8 Jun 04

Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to

CVE-2025-20912 MEDIUM
6.2 Mar 06

Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data withi

CVE-2025-20910 MEDIUM
6.2 Mar 06

Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access da

CVE-2025-20997 MEDIUM
6.2 Jul 08

A security vulnerability in Framework for Galaxy Watch (CVSS 6.2) that allows local attackers. Remediation should follow

CVE-2025-20986 MEDIUM
5.5 Jun 04

A security vulnerability in ScreenCapture for Galaxy Watch (CVSS 5.5) that allows local attackers. Remediation should fo

CVE-2025-20998 MEDIUM
5.5 Jul 08

A security vulnerability in SamsungAccount for Galaxy Watch (CVSS 5.5) that allows local attackers. Remediation should f

CVE-2024-34613 MEDIUM
5.5 Aug 07

Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive infor

CVE-2025-20939 MEDIUM
5.4 Apr 08

Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical att

CVE-2025-20911 MEDIUM
4.4 Mar 06

Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update

CVE-2025-20956 MEDIUM
4.3 May 07

Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows phy

CVE-2022-24930 LOW
3.3 Mar 10

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Releas

Share

CVE-2025-21004 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy