[ad_1]
Samsung has launched a new program to reward people who find security issues on its mobile devices. Under the program, those who find security flaws in Samsung’s software will receive more than $1 million in rewards.
The program, called the Significant Scenario Vulnerabilities Program (ISVP), requires users to discover issues related to unlocking devices, extracting data, and bypassing device security.
Under the program, local arbitrary execution cases will receive rewards of $300,000, and remote code execution (RCE) cases will receive rewards of $1 million.
Samsung Rich OS local code execution issues will be compensated at $150,000, and RCE issues will be compensated at $300,000. The first unlock amount for data extraction cases is $400,000, and the unlock amount for subsequent data extraction cases is $200,000.
The highest rewards will be given for persistence and zero-click cases. Meanwhile, cases involving remote installation of apps from unofficial marketplaces or attacker servers will receive a reward of $100,000, and cases involving installation of apps from the Galaxy Store will receive a reward of $60,000.
Reports will be accepted under the program if the issue is a persistent and buildable vulnerability, without privileges, that includes the latest security updates for major Samsung device models.
The program is seen as an important step to further strengthen the security of Samsung devices. This will enable security experts to identify and fix issues in Samsung’s software. This is expected to provide additional security for users of Samsung devices.
[ad_2]
Source link
