PT-2025-28376 · Samsung · Framework For Galaxy Watch
Hsia.Angsh
·
Published
2025-07-08
·
Updated
2026-01-20
·
CVE-2025-20997
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
Framework for Galaxy Watch versions prior to SMR Jul-2025 Release 1
Description:
The issue is related to incorrect default permissions in the Framework for Galaxy Watch, allowing local attackers to reset some configurations of the Galaxy Watch.
Recommendations:
For versions prior to SMR Jul-2025 Release 1, update to SMR Jul-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Galaxy Watch to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Framework For Galaxy Watch