CVE-2025-20998

3 documents3 sources
Severity
3.3LOW
EPSS
0.0%
top 94.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung Wear OS
Timeline
PublishedJul 8

Description

Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-9c6p-3cm9-mxv6: Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number2025-07-08
CVEList
CVE-2025-20998: Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number2025-07-08
CVE-2025-20998 (LOW CVSS 3.3) | Improper access control in SamsungA | cvebase.io