← Back

CVE-2025-21045

nvd nist
Published: Oct 10, 2025Modified: Jan 9, 2026

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information.

Affected (1)

Products: Samsung: Wear Os
Samsung
1 product
Wear Os
Configuration A
1 vulnerable · 10 platform
Vulnerable SoftwareAffected Versions
Wear Os
Version 5.0
Running on/withPlatform Versions
Samsung
Galaxy Watch
All versions
Samsung
Galaxy Watch 4
All versions
Samsung
Galaxy Watch 4 Classic
All versions
Samsung
Galaxy Watch 5
All versions
Samsung
Galaxy Watch 5 Pro
All versions
Samsung
Galaxy Watch 6
All versions
Samsung
Galaxy Watch 6 Classic
All versions
Samsung
Galaxy Watch 7
All versions
Samsung
Galaxy Watch Fe
All versions
Samsung
Galaxy Watch Ultra
All versions

Related CWEs

CWE-922
Insecure Storage of Sensitive Information
The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References (1)

Source: mobile.security@samsung.com
Vendor Advisory

Timeline

No history available yet.