Primary

Context

Samsung Galaxy Watch Improper Input Validation Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Patched

A vulnerability exists in Galaxy Watch devices running versions prior to the SMR May-2026 Release 1. The issue stems from improper input validation in the FacAtFunction, which enables local attackers to execute arbitrary code with system privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code with elevated system privileges on the affected Galaxy Watch devices.

Remediation

Users can update their devices to the SMR May-2026 Release 1 to address this vulnerability.

Added: May 13, 2026, 4:42 PM

Updated: May 13, 2026, 4:42 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.7

remediation

7.7

relevance

8.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.7

remediation

7.7

relevance

8.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Galaxy Watch Improper Input Validation Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

Samsung Galaxy Watch

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating