CVE-2025-20923 MEDIUM

CVE-2025-20923

Published March 6, 2025
Last update March 6, 2025

CVSS base score

4.0/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Improper access control in Galaxy Wearable prior to version 2.2.61.24112961 allows local attackers to launch arbitrary activity with Galaxy Wearable privilege.

Key dates

02Disclosure timeline

March 6, 2025 CVE published
March 6, 2025 Record updated