Incorrect Default Permission in Galaxy Wearable by Samsung
CVE-2026-21013

6.9MEDIUM

Key Information:

Vendor: Samsung
Status: Galaxy Wearable
Vendor: CVE Published:; 13 April 2026

What is CVE-2026-21013?

An incorrect default permission configuration in Samsung's Galaxy Wearable prior to version 2.2.68.26 allows local attackers to gain unauthorized access to sensitive information on the device. This vulnerability poses a risk to user privacy and data security, highlighting the necessity for users to update their devices to the latest version to mitigate potential threats.

Affected Version(s)

Galaxy Wearable 2.2.68.26

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 13, 2026
Vulnerability Reserved
Dec 11, 2025

CVE-2026-21013 Data

JSON