Samsung: >> Galaxy Watch Plugin Security Vulnerabilities
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.
CVSS Score
5.9
EPSS Score
0.001
Published
2022-09-09
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.
CVSS Score
6.6
EPSS Score
0.001
Published
2022-09-09
Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device.
CVSS Score
5.9
EPSS Score
0.001
Published
2022-09-09
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log
CVSS Score
1.9
EPSS Score
0.001
Published
2022-03-10
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log.
CVSS Score
1.9
EPSS Score
0.001
Published
2022-03-10
Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-06-11