Vulnerabilities > Samsung > Gear FIT 2 PRO Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-01-22 CVE-2018-16272 Improper Privilege Management vulnerability in Samsung products
The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations.
network
low complexity
samsung CWE-269
critical
9.8
2020-01-22 CVE-2018-16271 Improper Privilege Management vulnerability in Samsung products
The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations.
low complexity
samsung CWE-269
6.5
2020-01-22 CVE-2018-16270 Improper Privilege Management vulnerability in Samsung products
Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction.
network
low complexity
samsung CWE-269
7.5
2020-01-22 CVE-2018-16269 Information Exposure vulnerability in Samsung products
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations.
network
low complexity
samsung CWE-200
7.5