Samsung is offering up to $1 million to anyone who can find security flaws in its software

Samsung has launched a new bug-hunting bounty program to encourage reports on security vulnerabilities across its range of mobile devices.

Rewards for local arbitrary execution are in the region of $300,000 while remote code execution (RCE) will see a reward of $1,000,000.

The ‘Important Scenario Vulnerability Program (ISVP)’ will have people searching for exploits related to device unlocking, data extraction, and device protection bypass.

Money, money, money

For Samsung’s Rich OS, local code execution flaws will fetch $150,000 and RCEs hitting a maximum payout of $300,000. Reports of successful data extraction on the first unlock will see a reward of $400,000, which drops down to $200,000 if the extraction is achieved after the first unlock.

The maximum rewards require the vulnerability to be persistent and 0-click. Other rewards with a lower payout include remote arbitrary application installation from an unofficial marketplace or attacker server which will see a $100,000 reward, and $60,000 if installed from the Galaxy Store.

To qualify as a successful report, the vulnerabilities must be a buildable exploit that works without privileges consistently on Samsung’s main device models running the latest security update.

Samsung also revealed it paid out $827,925 as part of 2023’s bug bounty program, with 113 security researchers participating in the Mobile Security Rewards Program. So far, all of Samsung’s bug bounty programs since 2017 have paid out over $4.9m.

Via BleepingComputer

More from TechRadar Pro

https://cdn.mos.cms.futurecdn.net/4kLt4rYpdVi8dZeXPD6Pea-1200-80.jpg

Source link
benedict.collins@futurenet.com (Benedict Collins)

This foldable triple-screen laptop extender weighs under five pounds and needs no external power

GPU prices in 2025: current prices on all the latest graphics cards on the market

GPU prices in 2025: current prices on all the latest graphics cards on the market

Google Password manager is a favourite amongst TechRadar Pro readers – what’s yours?

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

Which Celebrity Styles Americans Copy Most in 2025: New Study

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

LVMH's Moet Hennessy to cut workforce by 10%, FT reports

Robinhood says customers deposited a record $6.5 billion in April as active traders try to profit off market chaos

Exclusive-US pushing Congo-Rwanda peace accord accompanied by bilateral minerals deals

South Korea presidential race rocked by court ruling, resignations

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Samsung is offering up to $1 million to anyone who can find security flaws in its software

LVMH's Moet Hennessy to cut workforce by 10%, FT reports

Robinhood says customers deposited a record $6.5 billion in April as active traders try to profit off market chaos

Exclusive-US pushing Congo-Rwanda peace accord accompanied by bilateral minerals deals

South Korea presidential race rocked by court ruling, resignations