We appreciate your interest and intention to help improve the security of Samsung Mobile products.
We take security and privacy issues very seriously; and as an appreciation for helping Samsung Mobile improve the security of our products and minimizing risk to our end-consumers, we are offering a rewards program for eligible security vulnerability reports.
Please check below for more information on guidelines and eligibility for Samsung Mobile Security Rewards Program.
We look forward to your continued interests and participations in our Samsung Mobile Security Rewards Program. Through this rewards program, we hope to build and maintain valuable relationships with researchers who coordinate disclosure of security issues with Samsung Mobile.
To ensure smooth and timely operation, please make sure you carefully read and fully understand the requirements and guidelines below before submitting security reports for the rewards program.
Please refer to the Security Reporting page for submitting security reports.
We also consider difficulty of attack as an important factor, such as attack complexity, and required privileges or user interaction.
Criteria | Explanation |
---|---|
Attack Complexity | Indicates how complicated the attack is and whether it requires specific conditions. For instance, if it needs a particular circumvention, system status or excessive preconditions to trigger the vulnerability, then we determine the vulnerability requires high attack complexity. |
Privileges Required | Indicates the level of privileges required for triggering the vulnerability. In general, we determine the vulnerability requires high privilege required when it requires specific privileged capabilities to trigger a vulnerability. |
User Interaction | Indicates whether triggering vulnerability requires interaction with the victim. In general, when no user interaction is required, we determine that the vulnerability has high impact. |