How severe is CVE-2025-32407?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2025-32407?

This is classified as CWE-295, which is a common weakness in software security.

CVE-2025-32407 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser validates the identity of the server. It negates the use of HTTPS as a secure channel, allowing for Man-in-the-Middle attacks, stealing sensitive information or modifying incoming and outgoing traffic. NOTE: This vulnerability is in an end-of-life product that is no longer maintained by the vendor.

Related Vulnerabilities

CVE-2008-4989

MEDIUM

CVSS:5.9(Medium)

The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certi...

CWE-2952008

CVE-2009-2408

MEDIUM

CVSS:5.9(Medium)

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the s...

CWE-2952009

CVE-2010-4237

MEDIUM

CVSS:5.9(Medium)

Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middl...

CWE-2952010

CVE-2010-4532

MEDIUM

CVSS:5.9(Medium)

offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.

CWE-2952010

CVE-2011-0199

MEDIUM

CVSS:5.9(Medium)

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle ...

CWE-2952011

CVE-2012-1316

MEDIUM

CVSS:5.9(Medium)

Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks

CWE-2952012