Vulnerabilities > Samsung > Galaxy Watch Plugin > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-09 CVE-2022-36873 Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751
Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device.
low complexity
samsung
6.5
2022-09-09 CVE-2022-36874 Improper Handling of Exceptional Conditions vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.
local
low complexity
samsung CWE-755
6.2
2022-09-09 CVE-2022-36875 Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.
local
low complexity
samsung
5.5
2021-06-11 CVE-2021-25420 Information Exposure Through Log Files vulnerability in Samsung Galaxy Watch Plugin
Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.
local
low complexity
samsung CWE-532
5.5