Samsung has dangled its first $1 million bug bounty for anyone who successfully compromises Knox Vault, the isolated subsystem in its smartphones for storing credentials and running authentication routines.
Cracking a Galaxy S or Z handset as an unprivileged user and demonstrating use of a zero-click method is required to earn the $1 million bug bounty.
Samsung's Important Scenario Vulnerability Program offers up to $300,000 for achieving the same result with local access, with similar bounties for compromising TEEGRIS and REE systems.
Unlocking a Samsung device pre-first unlock or defeating the Auto Blocker anti-malware engine can also earn bounties of up to $400,000.
Collection
[
|
...
]