Samsung Mobile Security

<!DOCTYPE html> <html lang="en"> <head>  <meta charset="UTF-8" /> <meta http-equiv='X-UA-Compatible' content='IE=edge' /> <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, user-scalable=no" /> <link rel="stylesheet" href="/jquery/css/basic.css" type="text/css" /> <link rel="stylesheet" href="/./external/attach/css/attachment.css" /> <script src="/./jquery/jquery-1.12.2.js" type="text/javascript"></script> <script src="/./jquery/jquery-ui/jquery-ui.js" type="text/javascript"></script> <script src="/./jquery/validation/sdp.validate.js" type="text/javascript"></script> <script src="/./jquery/jquery.simplemodal.js" type="text/javascript"></script> <script src="/./js/portalCommon.js" type="text/javascript"></script> <script src="/./js/numberFormat.js" type="text/javascript"></script> <script src="/./js/menu.js" type="text/javascript"></script> <script src="/./js/common.js" type="text/javascript"></script> <script src="/./js/commonCalendar.js" type="text/javascript"></script> <script src="/./js/billboard/d3.min.js" charset="utf-8"></script> <script src="/./js/billboard/billboard.min.js"></script> <link href="/./js/billboard/billboard.min.css" rel="stylesheet"> <link rel="stylesheet" href="/css/style.css?ver=20241008_a2" type="text/css" />   <title>Samsung Mobile Security</title> <link rel="shortcut icon" href="./images/common/favicon.ico" type="image/x-icon"> <link rel="icon" href="./images/common/favicon.ico" type="image/x-icon"> <script type="text/javascript"> var contextPath="/."; var language = 'en_US'; // 2022-10-27 session time out check if('' != ""){ sessionCheck(); } var sameSiteVal = ["Lax;", "None; Secure", "stric;"]; document.cookie = 'LANGUAGE=; expires=Thu, 01 Jan 1970 00:00:01 GMT; SameSite='+sameSiteVal[0]; //document.cookie = 'LANGUAGE=; expires=Thu, 01 Jan 1970 00:00:01 GMT;'; var cookieAccept = 'null'; $(document).ready(function() { /* 2023-10-10 버튼 효과 삭제 $(".menu > li").on("click", function(){ $(this).children("a").addClass("on"); }); */ //개인화 메뉴 펼치기 $(".personal_menu").click(function(){ $(".personal_box").slideToggle("fast"); $('.close_search').hide(); $('.wrap_search .wrap_input').hide(); $('.open_search').css('visibility','visible'); }); //mobile_ 메뉴 펼치기 $(".m_btn_menu").click(function(){ $(this).hide(); $('.m_btn_menu_close').show(); $('.wrap_m_menu').slideDown('fast'); $('.back_bg').fadeIn('fast'); }); $(".m_btn_menu_close").click(function(){ $(this).hide(); $('.m_btn_menu').show(); $('.wrap_m_menu').slideUp('fast'); $('.back_bg').fadeOut('fast'); }); //상단 검색 $('.open_search').click(function(){ $(".personal_box").slideUp("fast"); $('.wrap_search .wrap_input').show(); $(this).css('visibility','hidden'); $('.close_search').show(); $('.wrap_search .wrap_input').focus(); }); $('.close_search').click(function(){ $(this).hide(); $('.wrap_search .wrap_input').hide(); $('.open_search').css('visibility','visible'); }); $("#androidUpdatesMobileKey,#androidUpdatesWebKey").keydown(function (key) { if(key.keyCode == 13){//키가 13이면 실행 (엔터는 13) androidUpdatesSearch(this.id); } }); // 20210511 - 메뉴 슬라이드 $(".menu").hover(function(){ $(".submenu").show(); $(".submenu_bar").show(); /* if ($("#header").hasClass("menu_fix")){ } else { $(".submenu").show(); $(".submenu_bar").show(); } */ }).mouseleave(function(){ $(".submenu").hide(); $(".submenu_bar").hide(); }) //menu fixed function eventMenuFix(){ var menu = $('.mh'); var menu_offset = $('.mh').offset(); var submenu = $('.submenu'); $(window).scroll(function(){ if ($(this).scrollTop() >= menu.height() && $(window).width() > 1023){ menu.addClass('menu_fix'); }else { menu.removeClass('menu_fix'); }; }); }; if($(window).width() > 1023){ $('#header').addClass('mh'); eventMenuFix(); }else if($(window).width() < 1023){ $('#header').removeClass('mh'); eventMenuFix(); }; eventMenuFix(); //top btn $(".mtop_wrap button.mtop").click(function(){ $("html, body").animate({scrollTop:0}, 400); }); $("button.wtop").click(function(){ $("html, body").animate({scrollTop:0}, 400); }); // 쿠키 설정 확인 if( cookieAccept != 'Y' ) { //alert('aa'); //$(".fullscreen").removeClass('none'); setTimeout("createCookie()", 1000); } // 20210504 - Cookies Layer $(".txt_link_cookies, .btn_footer_cookie").on("click",function(){ $("#cookies_layer").fadeIn(); }) $("a.btn_cookies_close").on("click",function(){ $("#cookies_layer").fadeOut(); }) // 20210504 - Cookie-banner close $("a.btn_cookie_banner_close").on("click",function(){ $(".fullscreen").fadeOut(); }) }); function createCookie(){ $(".fullscreen").fadeIn(); //$(".fullscreen").slideUp(); } function movePage(pageUrl) { var d = new Date(); var timeZoneHour = d.getTimezoneOffset() / 60; timeZoneHour = -1 * timeZoneHour; $("input[name='timeZoneHour']").val(timeZoneHour); document.menuMoveForm.action=pageUrl; document.menuMoveForm.submit(); } function androidUpdatesSearch(searchObj) { var androidSearchText = $("#"+searchObj).val(); var pattern = /^[a-zA-Z0-9|-]*$/; if(androidSearchText=="") { alert('Please enter the search word.'); } else if(pattern.test(androidSearchText)) { $("#androidSearchText").val(androidSearchText); document.androidUpdatesSearchForm.submit(); } else { alert('You can not enter characters other than uppercase and lowercase letters, numbers, "-".'); } } function goCookieAccept() { var params = {}; $.ajax({ type:'POST', url:'/./cookieAccept.smsb', data:params, dataType:'json', async:false, success:function(ret) { hideLoading(); if( ret.success == true ) { $(".fullscreen").fadeOut(); cookieAccept = 'Y'; } else { alert("Please contact administrator!"); } }, error : function(request, err, ex) { hideLoading(); //alert('Please contact administrator'); alert("Please contact administrator" + "\n" + "code : " + request.status + "\n" + "message : " + request.responseText + "\n" + "error : " + err + "\n" + "ex : " + ex); } }); } function goLogin(){ /* if( cookieAccept != 'Y' ) { $(".fullscreen").fadeIn(); alert('If you continue to submit report, please accept cookies form this site.'); return; } */ var url = '/sa/anonymous/loginPage.do'; openPage(url); } function myFunction() { document.getElementById("myDropdown").classList.toggle("show"); } window.onclick = function(event) { var matches = event.target.matches ? event.target.matches('.dropbtn') : event.target.msMatchesSelector('.dropbtn'); if (!matches) { var dropdowns = document.getElementsByClassName("dropdown-content"); var i; for (i = 0; i < dropdowns.length; i++) { var openDropdown = dropdowns[i]; if (openDropdown.classList.contains('show')) { openDropdown.classList.remove('show'); } } } } </script> <script> </script> </head> <body>  <div class="fullscreen visible"><div class="leica-overlay content-container"><div class="cookie-banner"> <a href="javascript:goCookieAccept();" class="btn_cookie_banner_close" data-role="accept-all-cookies">close</a> <div class="contentlayercontent"> <div class="cookie-banner__body row"> <div class="col"> <p class="cookie_banner_tit">Samsung Mobile Security and Cookies</p> <p>Our site uses essential cookies only. You can read our <a href="./privacy/global/privacy_notice.html" class="txt_link2" title="Privacy Policy" target="_blank">Privacy Policy</a> and <a href="javascript:void(0)" class="txt_link2 txt_link_cookies" title="Cookie Policy">Cookie Policy</a> for more information.</p>  </div>  </div> </div> </div></div></div>  <div id="cookies_layer"> <a href="javascript:void(0);" class="btn_cookies_close">close</a> <div class="cookies_layer_inner"> <h2>Samsung Mobile Security <br>Cookie Policy</h2> <p class="cookies_dates">Updated on Jan 17, 2022</p> <div class="cookies_cont"> <p class="cookies_cont_txt">This Cookie Policy describes the different types of cookies that may be used in connection with Samsung Mobile Security website which is owned and controlled by Samsung Electronics Co., Ltd (“Samsung Electronics”). This Cookie Policy also describes how you can manage cookies.<br><br> It’s important that you check back often for updates to the Policy as we may change it from time to time to reflect changes to our use of cookies. Please check the date at the top of this page to see when this Policy was last revised. Any changes to this Policy will become effective when we make the revised Policy available on our website.<br><br> Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region. If you have any questions, the easiest way to contact us is through our Privacy Support Page at <a href="https://www.samsung.com/request-desk" class="txt_link2" target="_blank">https://www.samsung.com/request-desk</a>. </p> <p class="cookies_cont_txt c_center">You can also contact us at:</p> <p class="cookies_cont_txt_box c_center">European Data Protection Officer<br> Samsung Electronics (UK) Limited<br> Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS </p> <h4>Cookies</h4> <p class="cookies_cont_txt">Cookies are small files that store information on your computer, TV, mobile phone, or other device. They enable the entity that put the cookie on your device to recognize you across different websites, services, devices, and/or browsing sessions.<br><br> We use the following types of cookies on this website:<br><br> <b>Essential Cookies</b>: enable you to receive the services you request via our website. Without these cookies, services that you have asked for cannot be provided. For example, these enable to identify users and provide proper service for each user. These cookies are automatically enabled and cannot be turned off because they are essential to enable you to browse our website. Without these cookies this Samsung Mobile Security website could not be provided. </p> <div class="cookies_cont_tb"> <table> <thead> <tr> <th>Cookie</th> <th>Domain</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td>JSESSIONID</td> <td>security.samsungmobile.com</td> <td>to keep login session</td> </tr> <tr> <td>lastActivityTime</td> <td>security.samsungmobile.com</td> <td>to save the user's last activity time to automatically logout after 30 minutes of inactivity</td> </tr> </tbody> </table> </div> <h4>Managing Cookies and Other Technologies</h4> <p class="cookies_cont_txt">You can also update your browser settings at any time, if you want to remove or block cookies from your device (consult your browser's "help" menu to learn how to remove or block cookies). Samsung Electronics is not responsible for your browser settings. You can find good and simple instructions on how to manage cookies on the different types of web browsers at <a href="http://www.allaboutcookies.org" class="txt_link2" target="_blank">http://www.allaboutcookies.org</a>.</p> </div> </div> </div>   <div id="skipnav"> <a href="#gnb">Go straight to the menu</a> <a href="#home">Go straight to the text</a> </div>   <div id="wrap">  <header id="header_wrap"> <div id="header" class="main_header"> <div class="header_inner"> <div class="wrap_top"> <h1 class="logo"><a href="/./main.smsb"><strong>Samsung </strong>Mobile Security</a></h1>  <div class="gnb" id="gnb">  <ul class="menu"> <li><a href="/./workScope.smsb">Security Updates</a> <ul class="submenu"> <li><a href="/./workScope.smsb">Scope</a></li> <li><a href="/./securityUpdate.smsb">Firmware Updates</a></li> <li><a href="/./serviceWeb.smsb">Other Updates</a></li> </ul> </li> <li><a href="/./securityReporting.smsb">Security Reporting</a> <ul class="submenu"> <li><a href="/./securityReporting.smsb">Reporting</a></li> <li><a href="/./securityReportingProcess.smsb">Process</a></li> <li><a href="/./securityReportingRiskClassification.smsb">Severity Classification</a></li> </ul> </li> <li><a href="/./rewardsProgram.smsb">Rewards Program</a> <ul class="submenu"> <li><a href="/./rewardsProgram.smsb">How it works</a></li> <li><a href="/./hallOfFameInfo.smsb">Hall of Fame</a></li> </ul> </li> <li><a href="/./securityPost.smsb">Security Post</a></li> </ul>  <div class="toplink"> <span class="t_btn_login"><a href="javascript:goLogin();" title="Go to login">Login</a></span>  <div class="wrap_search"> <a href="javascript:;" class="open_search">Search</a> <a href="javascript:;" class="close_search" style="display:none">Search Close</a> <div class="wrap_input" style="display:none"> <input id="androidUpdatesWebKey" name="androidUpdatesWebKey" type="text" placeholder="Enter the search word(ex. CVE, SVE.. )" title="search" style="height:100%;border:0px;"> <a href="javascript:androidUpdatesSearch('androidUpdatesWebKey')" class="btn_search">Search</a> </div> </div>   </div> </div>  </div>  <div class="wrap_mobile_menu"> <div class="m_toplink"> <button type="button" class="m_btn_menu" title="Total Menu">Total Menu</button> <button type="button" class="m_btn_menu_close" title="Close the entire menu">Close the entire menu</button> </div> <div class="wrap_m_menu">  <div class="wrap_m_search"> <div class="wrap_input"> <input type="text" id="androidUpdatesMobileKey" name="androidUpdatesMobileKey" placeholder="Enter the search word(ex. CVE, SVE.. )" title="search" style="height:100%;border:0px;"> <a href="javascript:androidUpdatesSearch('androidUpdatesMobileKey')" class="btn_search">Search</a> </div> </div>  <ul class="m_main_menu"> <li><a href="/./workScope.smsb">Security Updates</a></li> <li><a href="/./securityReporting.smsb">Security Reporting</a></li> <li><a href="/./rewardsProgram.smsb">Rewards Program</a></li> <li><a href="/./securityPost.smsb">Security Post</a></li> </ul> <ul class="m_personal_menu"> <li><a href="javascript:goLogin();" title="Go to login">Login</a></li>  </ul> </div> <div class="back_bg"></div> </div>  </div> <div class="submenu_bar"></div> </div> </header>   <script language="javascript" src="/js/securityPost.js"></script> <script> $(document).ready(function() { // 2023-08-22 메뉴 활성화 & 타이틀 수정 var urlParams = window.location.href; var cate = urlParams.split('/'); if(cate.length == "4"){ $(".securitypost_tab ul li:nth-child(1)").addClass("on"); } else if(cate[4] == "Advisory"){ $(".securitypost_tab ul li:nth-child(2)").addClass("on"); } else if(cate[4] == "Notice"){ $(".securitypost_tab ul li:nth-child(3)").addClass("on"); } else if(cate[4] == "Announcement"){ $(".securitypost_tab ul li:nth-child(4)").addClass("on"); } else if(cate[4] == "FAQ"){ $(".securitypost_tab ul li:nth-child(5)").addClass("on"); } if (cate.length == 6) { //var date = new Date(); //var maxYear = 2024; //$('.rbar_archive_cont_year')[maxYear - cate[5]].click(); $('#'+cate[5]).click(); } // 콘텐츠 높이에 따른 푸터 위치 조정 var windowWidth = $(window).width(); var windowHeight = $(window).height(); var contentHeight = $("#contents_renew").height(); var marginHeight = 60 + 42 + 80; var etcHeight = $("#header").height() + $(".sub_visual_rn").height() + $(".page_tit").height() + $("#footer").height() + marginHeight; var innerHeight = contentHeight + etcHeight; //console.log("win : " + windowHeight); //console.log("content : " + contentHeight); //console.log("etc : " + etcHeight); //console.log("aaa : " + aaa); if(windowHeight > innerHeight){ $("#footer").addClass("footer_fix"); } else { $("#footer").removeClass("footer_fix"); } var pageRow = 1; $("#btn_more").on("click", function(){ let _type = $("#postType").val(); pageRow += 1; let _year = ""; if("" != $("#year").val()){ _year = "/"+$("#year").val(); } $.ajax({ type : 'POST', url : '/./securityPostPage.smsb/'+_type+'/'+pageRow + _year, dataType : 'json', async: false, success : function(data) { if(pageRow == data.total){ $("#btn_more").hide(); } let obj = data.rows; let _rsHtml = ""; for(i in obj){ console.log(i, obj[i]); let postUrl = ""; if("" == obj[i].postImgUrl || null == obj[i].postImgUrl){ postUrl = "article_list_noimg"; } _rsHtml += "<li class='"+obj[i].postType+" "+postUrl+"'>"; _rsHtml += "<div class='article_cont'>"; _rsHtml += "<div class='article_tit'>"; _rsHtml += "<span>"+obj[i].postLabel+"</span>"; _rsHtml += "<h4 onclick='goDetail("+obj[i].seq+")'>"+obj[i].title+"</h4>"; _rsHtml += "</div>"; _rsHtml += "<div class='article_etc'>"; _rsHtml += "<span class='article_user'>"+obj[i].postAckname+"</span>"; _rsHtml += "<span class='article_date'>"+obj[i].cretime+"</span>"; _rsHtml += "</div>"; if("" == postUrl){ _rsHtml += "<div class='article_thumb'><img src='"+obj[i].postImgUrl+"' onclick='goDetail("+obj[i].seq+")'></div>"; } _rsHtml += "<div class='article_cont_txt'>"+obj[i].contentHtml+"</div>"; _rsHtml += "</div></li>"; } $(".article_list").append(_rsHtml); articleContTxt(); }, error : function(request, err, ex) { pageRow -= 1; alert("Please contact administrator"); return false; } }); }); articleContTxt(); }); function articleContTxt(){ var regex = /(<((?!(br))[^>]+)>)/ig; $('.article_list > li').each(function(index){ var str = $(this).find('.article_cont_txt').html().replace(regex, ""); $(this).find('.article_cont_txt').html(str); }) } </script> <div id="container_renew">  <div class="container_visual"> <div class="sub_visual_rn"> <span class="svrn5"></span> <div class="breadcrumb_rn"> <div> <a href="/main.smsb" class="ico_home" id="home">Home</a><span class="ico_arw">></span><em>Security Post</em> </div> </div> </div> <div class="page_tit"> <h2 class="page_tit_wht">Security Post</h2> </div> </div>   <div id="contents_renew">  <div class="recently_post" style="display:none"> <div class="inner"> <h3>Recently Post</h3> <div class="recently_post_l" class="recentlyY"> <div class="recently_post_summary"> <span class="recently_post_summary_cate">Announcement</span> <h5 class="recently_post_summary_tit" onclick="goDetail(190)">Annual Report in 2023 and New Announcements</h5> <div class="recently_post_summary_cont"><div class="list_basic"> <div class="txt_section" style="padding-top:0"> <ol><li>It has been more than 6 years since we officially launched Samsung Mobile Security Rewards Program, and today, we are finally releasing our first ever "Annual Report" for the Rewards Program.</li><li><img src="/images/security/img_annual_report_01.png" alt="annual Report" style="width:100%" /></li><li>Although there have been many challenges and difficulties in running our Rewards Program, with the help of numerous security experts and communities around the world, it has been able to run our Rewards Program.</li><li>The program was started with the goal of securing our products by receiving vulnerabilities that were not detected internally with external security communities' help. As we received more and more reports, and analyzed and rolled out patches for them, our products became securer and safer. Thanks to the assistance from our valuable researchers.</li><li></li><li>After running the program for several years, the Biggest Lesson Learned is that Researchers are my dear and grateful friends who take their time to look at our products from various perspectives and help make them secure and safe.</li><li>I sincerely appreciate your help, 감사합니다!</li><li></li><li>With the help of our friends, our Rewards Program has continued to evolve, and as part of it, I will summarize a review of the program in 2023.</li><li></li></ol> </div> <div class="txt_section"> <strong>Review of 2023</strong> <ol><li><img src="/images/security/img_annual_report_02.png" alt="Review of 2023" style="width:100%" /></li><li>Since starting our official Rewards Program in 2017, we have paid about $5 million. In 2023, we rewarded over $800,000 to 113 researchers.</li><li> <ul class="list_circle" style="padding-top:0"><li>Rewarded $827,925 to 113 researchers</li><li>The highest reward in one report was $57,190 by TASZK Security Labs.</li><li>The researcher with the highest total reward was also TASZK Security Labs.</li><li>The researcher with most reports was Oversecured Inc.</li></ul> </li><li>Among all of dedicated my friends, there are two that deserve special appreciation.</li><li> <ul class="list_circle" style="padding-top:0"><li>TASZK Security Labs who helped us from long time ago was a researcher whose report received the highest single reward in 2023. There impressive researches helped secure our products against potential remote attacks. Although Exynos Baseband related reports became out of scope with our program and his reports involved chains with baseband, resulting in a reduction of the overall reward, it was still TASZK Security Labs who received the highest total payout in 2023.</li></ul> </li><li> <ul class="list_circle" style="padding-top:0"><li>Oversecured is one of our best friends, having submitted numerous valuable reports since their initial report with us back in 2021. In 2023, they reported the greatest number of valid reports. Their valuable researches have covered various targets including applications and frameworks, helping us towards securing diverse targets of and introducing novel types of vulnerabilities in our products. (they were also ranked as the top researcher who filed the most reports and received the highest total rewards in 2022.)</li></ul> </li><li>We sincerely appreciate all of our friends who worked with us with the valuable findings. It was all thanks to your efforts that we were able to run this program and make our products and services more safe and secure to keep our customers from potential attacks.</li><li>In order to collaborate better with our friends, we have continuously made efforts to listen to your voices. As a result, we have come to the conclusion that an update is required to work more closely with you and run a better Rewards Program.</li></ol> </div> <div class="txt_section"> <strong>And we are now</strong> <ol><li>And we are now understanding the needed updates what we learned your voices of worries and complaints.</li><li>We cannot emphasize enough how much we appreciate all the researchers for working with us and we hope to get greater interest from more security experts, researchers and Galaxy users.</li><li>We fully understand that it may have become harder and harder to find vulnerabilities with the products, as we are working effortlessly for additional security features while releasing security patches as quickly as possible and as often as possible to keep our customers safer. </li><li>So some may be discouraged to submit findings with a concern that it may be an inefficient research due to potentially low rewards compared to the efforts.</li><li>And we also understood your concerns regarding the transparency of criteria and unpredictable reward amounts.</li><li>Good news!</li><li>We are very excited to announce the largest update we have ever done since releasing our Rewards Program.</li><li>In order to encourage more researchers and users to participate in Samsung Mobile Security Rewards program, we have set new goals. Below is some of our initiatives to the find the best win-win path forward for Samsung and our friends as part of improving our program.</li><li></li></ol> <div class="txt_section" style="padding-top:0;border-top:0"> <strong class="s_tit01">As transparent as possible</strong> <ol><li>We have heard many voices stating difficulty in predicting the severity and reward amounts. So we are now sharing updates indicating <a href="/securityReportingRiskClassification.smsb" rel="nofollow">clearer criteria of severity</a> and <a href="/rewardsProgram.smsb" rel="nofollow">factors used for rewards amount</a>. And please also refer to the <a href="/securityPost.smsb/FAQ" rel="nofollow">FAQ</a> for most frequent inquiries and discussions.</li></ol> </div> <div class="txt_section" style="padding-top:0;border-top:0"> <strong class="s_tit01">Don’t let your efforts go in vain</strong> <ol><li>We have tried to find ways to offer higher rewards for reports with high impact reports and high quality reports. And now we want to introduce our new Program and Bonus Rewards which provide extra reward and maximum amount covered by our program.</li><li>Please refer to the <a href="/securityPostDetail.smsb/188" rel="nofollow">Good Report Bonus</a> and <a href="/securityPostDetail.smsb/189" rel="nofollow">Important Scenario Vulnerability Program</a>.</li></ol> </div> <div class="txt_section" style="padding-top:0;border-top:0"> <strong class="s_tit01">AI Security</strong> <ol><li>We started a pilot rewards program for Samsung mobile AI Security.</li><li>We hope to get your interest and active participation for Samsung Mobile AI Security. Since we are in early stage for this, working on setting up the policies for reports related to AI Security, your interests and researches will greatly help us to finalize our policies and standards.</li></ol> </div> <div class="txt_section"> <ol><li>We want your continuous interest in Samsung Mobile Security Rewards Program. Stay tuned!</li><li>We are preparing additional programs, announcements, and events within 2024.</li><li></li><li>I would like to express my gratitude to my friends, our valuable security researchers.</li><li>And I sincerely appreciate for the efforts of my team, PSIRT at Samsung Mobile Security.</li></ol> </div> </div></div></div> <span class="recently_post_summary_date">On 06 Aug 2024 by Samsung Mobile Security</span> </div> </div> <div class="recently_post_r"> <ul class="recently_post_latest"> <li> <div class="recently_post_latest_summary" style='width:100%;float:left;'> <span>Announcement</span> <h6 onclick="goDetail(189)">Important Scenario Vulnerability Program</h6> <p>06 Aug 2024</p> </div> </li> <li> <div class="recently_post_latest_summary" style='width:100%;float:left;'> <span>Announcement</span> <h6 onclick="goDetail(188)">Bonus Rewards</h6> <p>06 Aug 2024</p> </div> </li> <li> <div class="recently_post_latest_summary" style='width:100%;float:left;'> <span>Notice</span> <h6 onclick="goDetail(187)">Site Maintenance Notice</h6> <p>17 May 2024</p> </div> </li> <li> <div class="recently_post_latest_summary" style='width:100%;float:left;'> <span>FAQ</span> <h6 onclick="goDetail(181)">I don’t want to use your system for reporting my finding.</h6> <p>16 May 2024</p> </div> </li> <li> <div class="recently_post_latest_summary" style='width:100%;float:left;'> <span>FAQ</span> <h6 onclick="goDetail(180)">Where can I report vulnerabilities for non-mobile Samsung products and services?</h6> <p>16 May 2024</p> </div> </li> <li> <div class="recently_post_latest_summary" style='width:100%;float:left;'> <span>FAQ</span> <h6 onclick="goDetail(179)">Are all products and services developed and managed by Samsung Mobile are eligible with Samsung Mobile Security Reward Program?</h6> <p>16 May 2024</p> </div> </li> </ul> </div> </div> </div>   <div class="contents_article"> <div class="inner">  <div class="contents_article_list">  <div class="securitypost_tab"> <ul> <li><a href="/securityPost.smsb"><span>ALL Post</span></a></li> <li><a href="/securityPost.smsb/Advisory"><span>Advisory</span></a></li> <li><a href="/securityPost.smsb/Notice"><span>Notice</span></a></li> <li><a href="/securityPost.smsb/Announcement"><span>Announcement</span></a></li> <li><a href="/securityPost.smsb/FAQ"><span>FAQ</span></a></li> </ul> </div>  <ul class="article_list"> <li class="faq article_list_noimg"> <div class="article_cont"> <div class="article_tit" > <span>FAQ</span> <h4 onclick="goDetail(181)">I don’t want to use your system for reporting my finding.</h4> </div> <div class="article_etc" > <span class="article_user">Samsung Mobile Security</span> <span class="article_date">16 May 2024</span> </div> <div class="article_cont_txt" ><div>If there is an issue for creating ticket on our system after agreeing the consent "Terms & Conditions" and "Privacy Notice" of Samsung Mobile Security Rewards Program or you don’t want to use Samsung Account, you can report a vulnerability through an official email as guided below.</div><br /><a href="https://security.samsungmobile.com/securityReporting.smsb" style="color:blue" rel="nofollow">https://security.samsungmobile.com/securityReporting.smsb</a><br /><br /><div>We offer Acknowledgements and CVEs for the reports by email, but there is no reward in this case. Please keep in mind that reports submitted through "ticketing system" only are eligible for reward.</div><br /></div> </div> </li> <li class="faq article_list_noimg"> <div class="article_cont"> <div class="article_tit" > <span>FAQ</span> <h4 onclick="goDetail(180)">Where can I report vulnerabilities for non-mobile Samsung products and services?</h4> </div> <div class="article_etc" > <span class="article_user">Samsung Mobile Security</span> <span class="article_date">16 May 2024</span> </div> <div class="article_cont_txt" ><div>When we received reports developed or managed from other divisions, we will share the reports with the team, and share an update with you. And we also recommend you to find a proper channel at "<a href="https://securityreport.samsung.com" style="color:blue" rel="nofollow">Samsung Security Reporting</a>".</div><br /></div> </div> </li> <li class="faq article_list_noimg"> <div class="article_cont"> <div class="article_tit" > <span>FAQ</span> <h4 onclick="goDetail(179)">Are all products and services developed and managed by Samsung Mobile are eligible with Samsung Mobile Security Reward Program?</h4> </div> <div class="article_etc" > <span class="article_user">Samsung Mobile Security</span> <span class="article_date">16 May 2024</span> </div> <div class="article_cont_txt" ><div>No, not all products and services are eligible with our program. Please refer the scope of our Rewards Program at the link below.</div><br /><a href="https://security.samsungmobile.com/rewardsProgram.smsb" style="color:blue" rel="nofollow">https://security.samsungmobile.com/rewardsProgram.smsb</a><br /><br /><div>But we don’t want let your efforts go in vain. So although some of our products such as Galaxy Buds are not eligible with our rewards program, we offer a partial reward as an appreciation for valid reports on products out of scope, based on its security impact. <br /> Acknowledgement and CVE are not assigned for this case.</div><br /></div> </div> </li> <li class="faq article_list_noimg"> <div class="article_cont"> <div class="article_tit" > <span>FAQ</span> <h4 onclick="goDetail(176)">The reward process for a ticket I reported has been started, but it was closed without rewards.</h4> </div> <div class="article_etc" > <span class="article_user">Samsung Mobile Security</span> <span class="article_date">16 May 2024</span> </div> <div class="article_cont_txt" ><div>We assume that your ticket may fall under one of the following two scenarios:</div><br /><div><span style="font-weight:bold">1. Mandatory information not provided within maximum waiting period.</span></div><br />If the mandatory information have not provided within 90 days, the ticket is going to be closed without a reward.<br />While approaching 90 days, the mandatory information hasn’t been provided, we notify a final request through our official e-mail and comment on the system. But if we still don’t hear back from you within the period, we close the ticket without a reward.<div><br /><div><span style="font-weight:bold">2. Opt-out for reward</span></div><br /><div>When creating report, if you select the [I want to Close this ticket without Reward] checkbox in the “Confirming your Reward Information” Pop-up, the ticket will be closed without any rewards.<br />In case the reward is rejected by mistake, please re-submit a new report via the same account with the same title of this ticket within 30 days, then our bounty team will proceed the process again.Otherwise, we will not be able to proceed to the reward process for the ticket.</div><div><br /></div><br /><br /></div></div> </div> </li> <li class="faq article_list_noimg"> <div class="article_cont"> <div class="article_tit" > <span>FAQ</span> <h4 onclick="goDetail(175)">Do I have to enter my information at “Confirming your Reward Information”?</h4> </div> <div class="article_etc" > <span class="article_user">Samsung Mobile Security</span> <span class="article_date">16 May 2024</span> </div> <div class="article_cont_txt" ><div>Absolutely YES. <br /> All the payout can be proceeded based on the mandatory information which is required in the “Confirming your Reward Information” pop-up. If incorrect information is provided, the reward process may be suspended. <br />All of the information including “Full Name”, “Nationality” and others required in the pop-up, have to be same with the one on your ID, Passport or other identification documents. </div><div><br /></div></div> </div> </li> </ul> <div class="article_no_content">No Contents.</div>  <form id="searchForm" name="searchForm" action="/securityPost.smsb/FAQ" method="GET"> <input type="hidden" id="year" name="year" value=""/> <input type="hidden" id="postType" name="postType" value="FAQ"/> <div class="wrap_button_center mt40 mb20"> <button type="button" class="button_more" title="show more" id="btn_more"><span>SHOW MORE</span></button> </div> </form>  </div>   <div class="contents_rbar">  <div class="rbar_archive"> <div class="rbar_tit"> <h5>Archive</h5> </div> <div class="rbar_archive_cont"> <ul class="rbar_archive_cont_1dep"> <li> <div class="rbar_archive_cont_year" id="2024">2024</div> <ul class="rbar_archive_cont_2dep"> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2024 , 'Notice');"><p>Notice<strong>1</strong></p></a> </li> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2024 , 'Announcement');"><p>Announcement<strong>3</strong></p></a> </li> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2024 , 'FAQ');"><p>FAQ<strong>13</strong></p></a> </li> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2023">2023</div> <ul class="rbar_archive_cont_2dep"> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2022">2022</div> <ul class="rbar_archive_cont_2dep"> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2022 , 'Announcement');"><p>Announcement<strong>1</strong></p></a> </li> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2021">2021</div> <ul class="rbar_archive_cont_2dep"> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2021 , 'Advisory');"><p>Advisory<strong>3</strong></p></a> </li> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2021 , 'Announcement');"><p>Announcement<strong>2</strong></p></a> </li> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2020">2020</div> <ul class="rbar_archive_cont_2dep"> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2020 , 'Advisory');"><p>Advisory<strong>7</strong></p></a> </li> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2019">2019</div> <ul class="rbar_archive_cont_2dep"> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2019 , 'Advisory');"><p>Advisory<strong>1</strong></p></a> </li> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2018">2018</div> <ul class="rbar_archive_cont_2dep"> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2018 , 'Advisory');"><p>Advisory<strong>1</strong></p></a> </li> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2018 , 'Announcement');"><p>Announcement<strong>1</strong></p></a> </li> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2017">2017</div> <ul class="rbar_archive_cont_2dep"> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2017 , 'Announcement');"><p>Announcement<strong>1</strong></p></a> </li> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2016">2016</div> <ul class="rbar_archive_cont_2dep"> </ul> </li> <li> <div class="rbar_archive_cont_year" id="2015">2015</div> <ul class="rbar_archive_cont_2dep"> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2015 , 'Advisory');"><p>Advisory<strong>1</strong></p></a> </li> <li class="rbar_archive_cont_month"> <a href="javascript:goArchive(2015 , 'Announcement');"><p>Announcement<strong>1</strong></p></a> </li> </ul> </li> </ul> </div> </div> </div>  </div> </div>  </div>  </div>  <footer id="footer"> <div class="in"> <div class="sitemap"> <p>SITE MAP</p> <ul> <li><a href="/workScope.smsb">Security Updates</a></li> <li><a href="/securityReporting.smsb">Security Reporting</a></li> <li><a href="/rewardsProgram.smsb">Rewards Program</a></li> <li><a href="/securityPost.smsb">Security Post</a></li> </ul> </div> <div class="site_link"> <div class="dropdown"><button type="button" class="dropbtn_none btn_footer_cookie" title="Cookie Policy">Cookie Policy</button></div> <div class="dropdown"> <button onclick="myFunction()" class="dropbtn" title="Privacy Policy">Privacy Policy</button> <div id="myDropdown" class="dropdown-content"> <a href="./privacy/global/privacy_notice.html" target="_blank" title="Global">Global</a> <a href="./privacy/us/privacy_notice_us.html" target="_blank" title="US">US</a> <a href="./privacy/eu/privacy_notice_eu.html" target="_blank" title="EU">EU</a> <a href="./privacy/latin/privacy_notice_latin.html" target="_blank" title="Latin America">Latin America</a> <a href="./privacy/korea/privacy_notice_korea.html" target="_blank" title="Korea">Korea</a> <a href="./privacy/brazil/privacy_notice_brazil.html" target="_blank" title="Brazil">Brazil</a> <a href="./privacy/turkey/privacy_notice_turkey.html" target="_blank" title="Turkey">Turkey</a> <a href="./privacy/vietnam/privacy_notice_vietnam.html" target="_blank" title="Vietnam">Vietnam</a> </div> </div> <div class="dropdown"><button type="button" onclick="location.href='http://www.samsung.com'" class="dropbtn_none" title="Samsung.com site new window">Samsung.com</button></div> </div> <button class="wtop" type="button" title="Move the screen to the top">Top</button> <span class="copy">Copyright© 2017 SAMSUNG All Rights Reserved.</span> </div> </footer>  </div>  <form method="post" name="menuMoveForm" id="menuMoveForm" action="/myRequest.smsr" > <input type="hidden" id="timeZoneHour" name="timeZoneHour" value="0" title="timeZoneHour"> <input type="hidden" id="portalIssue" name="portalIssue" value="0" title="portalIssue"> <input type="hidden" id="draftId" name="draftId" value="0" title="draftId"> </form> <form method="post" name="androidUpdatesSearchForm" id="androidUpdatesSearchForm" action="/androidUpdatesSearch.smsb" > <input type="hidden" id="androidSearchText" name="androidSearchText" value="" title="timeZoneHour"> </form> <script type="text/javascript" src="/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1623955268" async></script></body> </html>

CINXE.COM

Samsung Mobile Security