Every CVE whose affected-product data names Samsung Wear Os, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2025-20946 — CVSS 8.8 (high): Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025…
CVE-2025-20984 — CVSS 6.8 (medium): Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in…
CVE-2025-20910 — CVSS 6.2 (medium): Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch…
CVE-2025-20997 — CVSS 6.2 (medium): Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some…
CVE-2025-21004 — CVSS 6.2 (medium): Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers…
CVE-2025-20912 — CVSS 6.2 (medium): Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch.
CVE-2025-20986 — CVSS 5.5 (medium): Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots.
CVE-2025-20998 — CVSS 5.5 (medium): Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.
CVE-2025-20939 — CVSS 5.4 (medium): Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update…
CVE-2025-20911 — CVSS 4.4 (medium): Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of…
CVE-2022-24930 — CVSS 4.4 (medium): An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted…
CVE-2025-20956 — CVSS 4.3 (medium): Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to…
CVE-2025-21045 — CVSS 4.0 (medium): Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive…
CVE-2022-23995 — CVSS 4.0 (medium): Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted…
CVE-2022-23996 — CVSS 4.0 (medium): Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted…
CVE-2022-23997 — CVSS 4.0 (medium): Unprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows…
CVE-2024-34613 — CVSS 4.0 (medium): Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive information of Galaxy…
CVE-2025-20945 — CVSS 4.0 (medium): Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy…
CVE-2022-23994 — CVSS 3.3 (low): An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted…