CVE-2012-6422

Name: CVE-2012-6422
Creator: NVD / NIST
Published: 2012-12-18T00:55:04.197+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 15.16%

Last modified Jun 16, 2026

CVE-2012-6422 is a vulnerability of currently unknown severity. The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse.. EPSS estimates a 15.16% chance of exploitation in the next 30 days.

Description

The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse.

Metrics

EPSS Probability

15.16%

96.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-264

Affected Software

Vendor	Product	Versions
Meizu	Mx	All versions
Samsung	Galaxy Note 2	All versions
Samsung	Galaxy S2	All versions

References

Timeline

Published: Dec 18, 2012
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2012-6422?

How severe is CVE-2012-6422?

Severity scoring for CVE-2012-6422 is pending analysis. The EPSS model estimates a 15.16% probability of exploitation in the next 30 days.

How do I fix CVE-2012-6422?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-6422?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST