One thing that HP Fortify doesn't mentions is to attach specific flaws to individual products. That makes it hard to work out which issues might affect the market-leading Apple Watch.
There may have been good reasons for not revealing too much but without more data on specific products it is not likely that problems will be fixed in a hurry.
It's probably too early to start panicking over the implications for organisational security but the warning is clear: smartwatches have a way to go before they meet business security standards. The current products are startlingly immature.
HP struggles to come up with convincing advice such is the state of the insecurity it found. Users should not agree to pair with unrecognised devices, should set secure passwords, and disable certain kinds of network access unless the authentication on offer is of a high standard.
As for business developers trying to make sense of these devices inside their organisations, assume nothing as far as their built-in security goes. The Internet of Insecure Things (IoIT) has a way to go.
Sign up for CIO Asia eNewsletters.