Samsung Announces $1 Million Rewards for Arbitrary Code Execution Vulnerabilities

Samsung has critically elevated its bug bounty program as piece of its ongoing efforts to give a enhance to mobile security.

The tech extensive is now offering rewards of as much as $1 million for researchers who can demonstrate excessive vulnerabilities in its mobile devices, in particular those connected to arbitrary code execution on highly privileged targets.

This unique initiative, piece of Samsung’s Valuable Scenario Vulnerability Program (ISVP), makes a speciality of vulnerabilities that might per chance well presumably critically affect their merchandise. The program particularly targets the next excessive scenarios:

1. Arbitrary code execution on privileged targets.
2. Machine unlocking and complete user records extraction.
3. Arbitrary utility installation.
4. Bypass of machine protection solutions.

The very best reward of $1 million is reserved for faraway arbitrary code execution vulnerabilities focusing on Knox Vault, Samsung’s trusty ambiance for storing gentle records. Assorted principal rewards encompass:

• As much as $400,000 for faraway code execution on TEEGRIS OS.
• As much as $300,000 for faraway code execution on Rich OS.
• As much as $400,000 for machine unencumber and complete user records extraction earlier than first unencumber.

To qualify for these prime-tier rewards, researchers must meet several criteria:

• The narrative must fully satisfy the Correct File Bonus requirements.
• Encompass a buildable exploit demonstrating a successful attack on a variety of Valuable Eventualities.
• The exploit must work repeatedly on the most traditional security update of the most traditional flagship devices (Galaxy S and Z sequence).
• The exploit might per chance well presumably silent be executable with out privileges.

Samsung’s elevated bounties replicate mobile security’s increasing importance in an expertise of more and more subtle cyber threats. Samsung encourages security researchers to search out and narrative excessive vulnerabilities, aiming to prevent doable assaults and protect customers’ records.

This pass aligns with Samsung’s lengthy-standing commitment to mobile security. The company has been working its Cell Security Rewards Program since 2016, continuously updating it to cloak unique devices and companies and products.

The program now encompasses 38 Samsung mobile devices that earn month-to-month and quarterly security updates and numerous Samsung Cell Services love Bixby, Samsung Fable, Samsung Pay, and Samsung Pass.

By critically increasing the functionality rewards, Samsung is now not finest attracting more security researchers to detect vulnerabilities in its merchandise but additionally showing its commitment to hanging forward high requirements of security for mobile devices in an more and more advanced digital world.