CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20956
https://notcve.org/view.php?id=CVE-2025-20956
07 May 2025 — Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20955
https://notcve.org/view.php?id=CVE-2025-20955
07 May 2025 — Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-20954
https://notcve.org/view.php?id=CVE-2025-20954
07 May 2025 — Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20953
https://notcve.org/view.php?id=CVE-2025-20953
07 May 2025 — Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-20937
https://notcve.org/view.php?id=CVE-2025-20937
07 May 2025 — Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20952
https://notcve.org/view.php?id=CVE-2025-20952
09 Apr 2025 — Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20946
https://notcve.org/view.php?id=CVE-2025-20946
08 Apr 2025 — Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20939
https://notcve.org/view.php?id=CVE-2025-20939
08 Apr 2025 — Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20948
https://notcve.org/view.php?id=CVE-2025-20948
08 Apr 2025 — Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20947
https://notcve.org/view.php?id=CVE-2025-20947
08 Apr 2025 — Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 •