PT-2025-15346 · Samsung · Galaxy Watch

Published

2025-04-08

Updated

2026-01-27

CVE-2025-20945

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Galaxy Watch versions prior to SMR Apr-2025 Release 1

Description: The issue is related to inadequate access control, allowing local attackers to access sensitive information on the Galaxy Watch. This could potentially expose confidential data.

Recommendations: For Galaxy Watch versions prior to SMR Apr-2025 Release 1, update to SMR Apr-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting local access to the device to minimize the risk of exploitation.

Fix

Insecure Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-922

Related Identifiers

CVE-2025-20945

Affected Products

Galaxy Watch

PT-2025-15346 · Samsung · Galaxy Watch

CVE-2025-20945

Weakness Enumeration

Related Identifiers

Affected Products

References · 6