Improper Access Control in Galaxy Wearable by Samsung
CVE-2025-20923

4MEDIUM

Key Information:

Vendor: Samsung
Status: Galaxy Wearable
Vendor: CVE Published:; 6 March 2025

What is CVE-2025-20923?

A vulnerability in Samsung's Galaxy Wearable prior to version 2.2.61.24112961 permits local attackers to execute arbitrary activities with the privileges associated with the Galaxy Wearable application. This improper access control flaw poses potential risks, allowing unauthorized operations that may compromise user data and device integrity. It is crucial for users to update to the latest version to safeguard against such vulnerabilities.

Affected Version(s)

Galaxy Wearable 2.2.61.24112961

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 6, 2025
Vulnerability Reserved
Nov 6, 2024