9.3

CVE-2012-6422

Exploit
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MeizuMx Version-
SamsungGalaxy Note 2 Version-
SamsungGalaxy S2 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 15.16% 0.963
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://arstechnica.com/security/2012/12/developer-warns-of-critical-vulnerability-in-many-samsung-smartphones/
http://forum.xda-developers.com/showthread.php?p=35469999
Exploit
http://forum.xda-developers.com/showthread.php?t=2051290
http://osvdb.org/88467
http://project-voodoo.org/articles/instant-fix-app-for-exynos-mem-abuse-vulnerability-no-root-required-reversible
http://www.sammobile.com/2012/12/16/major-vulnerability-found-on-exynos-4-devices/
http://www.securityweek.com/new-vulnerability-exposed-samsungs-android-devices