CVE-2025-20911
4.4
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Exploitability: 0.8 / Impact: 3.6
Source: mobile.security@samsung.com (Secondary)
Description
Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch.
Affected (1)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 5.0 |
| Running on/with | Platform Versions |
|---|---|
Samsung Galaxy Watch | All versions |
Samsung Galaxy Watch 4 | All versions |
Samsung Galaxy Watch 4 Classic | All versions |
Samsung Galaxy Watch 5 | All versions |
Samsung Galaxy Watch 5 Pro | All versions |
Samsung Galaxy Watch 6 | All versions |
Samsung Galaxy Watch 6 Classic | All versions |
Samsung Galaxy Watch 7 | All versions |
Samsung Galaxy Watch Fe | All versions |
Samsung Galaxy Watch Ultra | All versions |
References (1)
Source: mobile.security@samsung.com
Vendor Advisory
Timeline
No history available yet.