Vulnerability in Samsung Mobile Watch Active Plugin
CVE-2021-25422
Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.
EPSS: 0.001 (26.9th percentile) — read the EPSS interpretation.
Affected products
- Samsung Mobile Watch Active Plugin — versions unspecified
Weakness classification (CWE)
References
- security.samsungmobile.com/serviceWeb.smsb (x_refsource_MISC)