Samsung Galaxy Watch sem_wifi Service Improper Access Control Vulnerability Allowing MAC Address Modification

Vulnerability

A vulnerability exists in the sem_wifi service on Galaxy Watch devices running Android Watch 14, prior to the March 2025 Security Maintenance Release. This vulnerability allows privileged local attackers to change the MAC address of the watch. The issue stems from improper access control, which the latest security update addresses by implementing proper validation and access controls.

Impact

Exploitation of this vulnerability allows for unauthorized modification of the MAC address on affected Galaxy Watch devices.

Remediation

Users can apply the March 2025 Security Maintenance Release to address this vulnerability. This update is part of the regular security update process for Samsung devices.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 3.3
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.