PT-2025-15340 · Samsung · Galaxy Watch

Published: 2025-04-08 · Updated: 2026-01-27 · CVE-2025-20939

CVSS v3.1: 5.4 (Medium)
Vector: AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L

Name of the Vulnerable Software and Affected Versions: Galaxy Watch versions prior to SMR Apr-2025 Release 1
Description: The issue is related to improper authorization in the wireless download protocol, allowing physical attackers to update the device unique identifier of Watch devices. This could potentially lead to unauthorized access or changes to device settings.
Recommendations: For Galaxy Watch versions prior to SMR Apr-2025 Release 1, update to SMR Apr-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting physical access to the device to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2025-20939

Affected Products

Galaxy Watch