CVE-2025-32407

Name of the Vulnerable Software and Affected Versions: Samsung Internet for Galaxy Watch version 5.0.9

Description: The issue is a critical misconfiguration in the way the browser validates the identity of the server, allowing an attacker to impersonate any website visited by the user. This negates the use of HTTPS as a secure channel, enabling Man-in-the-Middle attacks, which can result in the theft of sensitive information or modification of incoming and outgoing traffic.

Recommendations: For Samsung Internet for Galaxy Watch version 5.0.9, consider disabling the use of HTTPS until a patch is available, and restrict access to sensitive information when using this browser version to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.