Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local malicious user to access stored account information when Samsung Wallet is not installed.
samsung pass