Details of VAR-202512-0943

ID

VAR-202512-0943

CVE

CVE-2025-58483

DESCRIPTION

Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store.

Trust: 1.0

sources: NVD: CVE-2025-58483

AFFECTED PRODUCTS

vendor:

samsung

model:

galaxy store

scope:

version:

1.0.06.29

Trust: 1.0

sources: NVD: CVE-2025-58483

CVSS

SEVERITY

CVSSV2

CVSSV3

mobile.security@samsung.com:	CVE-2025-58483
value:	MEDIUM
Trust: 1.0
nvd@nist.gov:	CVE-2025-58483
value:	LOW
Trust: 1.0

mobile.security@samsung.com:	CVE-2025-58483
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.5
impactScore:	3.4
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2025-58483
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.1
Trust: 1.0

sources: NVD: CVE-2025-58483 // NVD: CVE-2025-58483

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2025-58483

EXTERNAL IDS

db:

NVD

id:

CVE-2025-58483

Trust: 1.0

sources: NVD: CVE-2025-58483

REFERENCES

url:

https://security.samsungmobile.com/serviceweb.smsb?year=2025&month=12

Trust: 1.0

sources: NVD: CVE-2025-58483

SOURCES

db:

NVD

id:

CVE-2025-58483

LAST UPDATE DATE

2025-12-19T22:58:08.075000+00:00

SOURCES UPDATE DATE

db:

NVD

id:

CVE-2025-58483

date:

2025-12-04T18:11:21.680

SOURCES RELEASE DATE

db:

NVD

id:

CVE-2025-58483

date:

2025-12-02T02:15:48.223