Galaxy Watch 4 Classic CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-20997	1 Samsung	11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more	2026-01-21	6.2 Medium
Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.
CVE-2025-20998	1 Samsung	11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more	2026-01-20	5.5 Medium
Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.
CVE-2025-21004	2 Samsung, Samsung Mobile	12 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 9 more	2026-01-20	6.2 Medium
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.
CVE-2025-20956	1 Samsung	11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more	2026-01-16	4.3 Medium
Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings.
CVE-2025-21045	1 Samsung	12 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 9 more	2026-01-10	4 Medium
Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information.

Page 1 of 1.