Skip to main content

Wear Os

14 CVEs product

Monthly

CVE-2025-21004 MEDIUM This Month

Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.

Information Disclosure Wear Os
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-20998 MEDIUM This Month

A security vulnerability in SamsungAccount for Galaxy Watch (CVSS 5.5) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Wear Os Samsung
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20997 MEDIUM This Month

A security vulnerability in Framework for Galaxy Watch (CVSS 6.2) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Wear Os
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-20986 MEDIUM This Month

A security vulnerability in ScreenCapture for Galaxy Watch (CVSS 5.5) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Wear Os
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20984 MEDIUM This Month

Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch.

Privilege Escalation Samsung Wear Os
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-20956 MEDIUM This Month

Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os Android Samsung
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-20946 HIGH This Week

Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-20945 MEDIUM Monitor

Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2025-20939 MEDIUM This Month

Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-20912 MEDIUM This Month

Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-20911 MEDIUM This Month

Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-20910 MEDIUM This Month

Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Wear Os
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2024-34613 MEDIUM This Month

Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive information of Galaxy watch. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-24930 LOW Monitor

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wear Os
NVD
CVSS 3.1
3.3
EPSS
0.4%
EPSS 0% CVSS 6.2
MEDIUM This Month

Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A security vulnerability in SamsungAccount for Galaxy Watch (CVSS 5.5) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Wear Os Samsung
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

A security vulnerability in Framework for Galaxy Watch (CVSS 6.2) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A security vulnerability in ScreenCapture for Galaxy Watch (CVSS 5.5) that allows local attackers. Remediation should follow standard vulnerability management procedures.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch.

Privilege Escalation Samsung Wear Os
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os Android +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 4.0
MEDIUM Monitor

Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Wear Os
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive information of Galaxy watch. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Wear Os
NVD
EPSS 0% CVSS 3.3
LOW Monitor

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wear Os
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy