CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20939

Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.4%

CVSS Severity

CVSS v3 Score 5.4

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04

Products affected by CVE-2025-20939

Samsung » Galaxy Watch » Version: N/A

cpe:2.3:h:samsung:galaxy_watch:-
Samsung » Galaxy Watch 4 » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_4:-
Samsung » Galaxy Watch 4 Classic » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_4_classic:-
Samsung » Galaxy Watch 5 » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_5:-
Samsung » Galaxy Watch 5 Pro » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_5_pro:-
Samsung » Galaxy Watch 6 » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_6:-
Samsung » Galaxy Watch 6 Classic » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_6_classic:-
Samsung » Galaxy Watch 7 » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_7:-
Samsung » Galaxy Watch Fe » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_fe:-
Samsung » Galaxy Watch Ultra » Version: N/A

cpe:2.3:h:samsung:galaxy_watch_ultra:-
Samsung » Wear Os » Version: 5.0

cpe:2.3:o:samsung:wear_os:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20939

Products

Pricing

Contact Us