Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2025-20945
Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch.
CVSS Score
4.0
EPSS Score
0.001
Published
2025-04-08
CVE-2025-20946
Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-04-08
CVE-2025-20947
Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-04-08
CVE-2025-20948
Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-04-08
CVE-2025-20950
Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.
CVSS Score
4.0
EPSS Score
0.001
Published
2025-04-08
CVE-2025-20951
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-04-08
CVE-2025-20936
Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-04-08
CVE-2025-20938
Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-04-08
CVE-2025-20939
Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices.
CVSS Score
5.4
EPSS Score
0.002
Published
2025-04-08
CVE-2025-20941
Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device.
CVSS Score
6.2
EPSS Score
0.001
Published
2025-04-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved