PT-2025-23746 · Samsung · Samsung Cloud For Galaxy Watch

Localh0Ster

Published

2025-06-04

Updated

2026-02-02

CVE-2025-20984

CVSS v3.1

6.8

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Name of the Vulnerable Software and Affected Versions Samsung Cloud for Galaxy Watch versions prior to SMR Jun-2025 Release 1

Description The issue is related to an incorrect default permission setting in Samsung Cloud for Galaxy Watch, allowing local attackers to access data. This could potentially expose sensitive information.

Recommendations For versions prior to SMR Jun-2025 Release 1, update to SMR Jun-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data stored in Samsung Cloud for Galaxy Watch until the update is applied.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2025-20984

Affected Products

Samsung Cloud For Galaxy Watch

PT-2025-23746 · Samsung · Samsung Cloud For Galaxy Watch

CVE-2025-20984

Weakness Enumeration

Related Identifiers

Affected Products

References · 6