Samsung Mobile Security

<!DOCTYPE html> <html lang="en"> <head>  <meta charset="UTF-8" /> <meta http-equiv='X-UA-Compatible' content='IE=edge' /> <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, user-scalable=no" /> <link rel="stylesheet" href="/jquery/css/basic.css" type="text/css" /> <link rel="stylesheet" href="/./external/attach/css/attachment.css" /> <script src="/./jquery/jquery-1.12.2.js" type="text/javascript"></script> <script src="/./jquery/jquery-ui/jquery-ui.js" type="text/javascript"></script> <script src="/./jquery/validation/sdp.validate.js" type="text/javascript"></script> <script src="/./jquery/jquery.simplemodal.js" type="text/javascript"></script> <script src="/./js/portalCommon.js" type="text/javascript"></script> <script src="/./js/numberFormat.js" type="text/javascript"></script> <script src="/./js/menu.js" type="text/javascript"></script> <script src="/./js/common.js" type="text/javascript"></script> <script src="/./js/commonCalendar.js" type="text/javascript"></script> <script src="/./js/billboard/d3.min.js" charset="utf-8"></script> <script src="/./js/billboard/billboard.min.js"></script> <link href="/./js/billboard/billboard.min.css" rel="stylesheet"> <link rel="stylesheet" href="/css/style.css?ver=20241008_a2" type="text/css" />   <title>Samsung Mobile Security</title> <link rel="shortcut icon" href="./images/common/favicon.ico" type="image/x-icon"> <link rel="icon" href="./images/common/favicon.ico" type="image/x-icon"> <script type="text/javascript"> var contextPath="/."; var language = 'en_US'; // 2022-10-27 session time out check if('' != ""){ sessionCheck(); } var sameSiteVal = ["Lax;", "None; Secure", "stric;"]; document.cookie = 'LANGUAGE=; expires=Thu, 01 Jan 1970 00:00:01 GMT; SameSite='+sameSiteVal[0]; //document.cookie = 'LANGUAGE=; expires=Thu, 01 Jan 1970 00:00:01 GMT;'; var cookieAccept = 'null'; $(document).ready(function() { /* 2023-10-10 버튼 효과 삭제 $(".menu > li").on("click", function(){ $(this).children("a").addClass("on"); }); */ //개인화 메뉴 펼치기 $(".personal_menu").click(function(){ $(".personal_box").slideToggle("fast"); $('.close_search').hide(); $('.wrap_search .wrap_input').hide(); $('.open_search').css('visibility','visible'); }); //mobile_ 메뉴 펼치기 $(".m_btn_menu").click(function(){ $(this).hide(); $('.m_btn_menu_close').show(); $('.wrap_m_menu').slideDown('fast'); $('.back_bg').fadeIn('fast'); }); $(".m_btn_menu_close").click(function(){ $(this).hide(); $('.m_btn_menu').show(); $('.wrap_m_menu').slideUp('fast'); $('.back_bg').fadeOut('fast'); }); //상단 검색 $('.open_search').click(function(){ $(".personal_box").slideUp("fast"); $('.wrap_search .wrap_input').show(); $(this).css('visibility','hidden'); $('.close_search').show(); $('.wrap_search .wrap_input').focus(); }); $('.close_search').click(function(){ $(this).hide(); $('.wrap_search .wrap_input').hide(); $('.open_search').css('visibility','visible'); }); $("#androidUpdatesMobileKey,#androidUpdatesWebKey").keydown(function (key) { if(key.keyCode == 13){//키가 13이면 실행 (엔터는 13) androidUpdatesSearch(this.id); } }); // 20210511 - 메뉴 슬라이드 $(".menu").hover(function(){ $(".submenu").show(); $(".submenu_bar").show(); /* if ($("#header").hasClass("menu_fix")){ } else { $(".submenu").show(); $(".submenu_bar").show(); } */ }).mouseleave(function(){ $(".submenu").hide(); $(".submenu_bar").hide(); }) //menu fixed function eventMenuFix(){ var menu = $('.mh'); var menu_offset = $('.mh').offset(); var submenu = $('.submenu'); $(window).scroll(function(){ if ($(this).scrollTop() >= menu.height() && $(window).width() > 1023){ menu.addClass('menu_fix'); }else { menu.removeClass('menu_fix'); }; }); }; if($(window).width() > 1023){ $('#header').addClass('mh'); eventMenuFix(); }else if($(window).width() < 1023){ $('#header').removeClass('mh'); eventMenuFix(); }; eventMenuFix(); //top btn $(".mtop_wrap button.mtop").click(function(){ $("html, body").animate({scrollTop:0}, 400); }); $("button.wtop").click(function(){ $("html, body").animate({scrollTop:0}, 400); }); // 쿠키 설정 확인 if( cookieAccept != 'Y' ) { //alert('aa'); //$(".fullscreen").removeClass('none'); setTimeout("createCookie()", 1000); } // 20210504 - Cookies Layer $(".txt_link_cookies, .btn_footer_cookie").on("click",function(){ $("#cookies_layer").fadeIn(); }) $("a.btn_cookies_close").on("click",function(){ $("#cookies_layer").fadeOut(); }) // 20210504 - Cookie-banner close $("a.btn_cookie_banner_close").on("click",function(){ $(".fullscreen").fadeOut(); }) }); function createCookie(){ $(".fullscreen").fadeIn(); //$(".fullscreen").slideUp(); } function movePage(pageUrl) { var d = new Date(); var timeZoneHour = d.getTimezoneOffset() / 60; timeZoneHour = -1 * timeZoneHour; $("input[name='timeZoneHour']").val(timeZoneHour); document.menuMoveForm.action=pageUrl; document.menuMoveForm.submit(); } function androidUpdatesSearch(searchObj) { var androidSearchText = $("#"+searchObj).val(); var pattern = /^[a-zA-Z0-9|-]*$/; if(androidSearchText=="") { alert('Please enter the search word.'); } else if(pattern.test(androidSearchText)) { $("#androidSearchText").val(androidSearchText); document.androidUpdatesSearchForm.submit(); } else { alert('You can not enter characters other than uppercase and lowercase letters, numbers, "-".'); } } function goCookieAccept() { var params = {}; $.ajax({ type:'POST', url:'/./cookieAccept.smsb', data:params, dataType:'json', async:false, success:function(ret) { hideLoading(); if( ret.success == true ) { $(".fullscreen").fadeOut(); cookieAccept = 'Y'; } else { alert("Please contact administrator!"); } }, error : function(request, err, ex) { hideLoading(); //alert('Please contact administrator'); alert("Please contact administrator" + "\n" + "code : " + request.status + "\n" + "message : " + request.responseText + "\n" + "error : " + err + "\n" + "ex : " + ex); } }); } function goLogin(){ /* if( cookieAccept != 'Y' ) { $(".fullscreen").fadeIn(); alert('If you continue to submit report, please accept cookies form this site.'); return; } */ var url = '/sa/anonymous/loginPage.do'; openPage(url); } function myFunction() { document.getElementById("myDropdown").classList.toggle("show"); } window.onclick = function(event) { var matches = event.target.matches ? event.target.matches('.dropbtn') : event.target.msMatchesSelector('.dropbtn'); if (!matches) { var dropdowns = document.getElementsByClassName("dropdown-content"); var i; for (i = 0; i < dropdowns.length; i++) { var openDropdown = dropdowns[i]; if (openDropdown.classList.contains('show')) { openDropdown.classList.remove('show'); } } } } </script> <script> </script> </head> <body>  <div class="fullscreen visible"><div class="leica-overlay content-container"><div class="cookie-banner"> <a href="javascript:goCookieAccept();" class="btn_cookie_banner_close" data-role="accept-all-cookies">close</a> <div class="contentlayercontent"> <div class="cookie-banner__body row"> <div class="col"> <p class="cookie_banner_tit">Samsung Mobile Security and Cookies</p> <p>Our site uses essential cookies only. You can read our <a href="./privacy/global/privacy_notice.html" class="txt_link2" title="Privacy Policy" target="_blank">Privacy Policy</a> and <a href="javascript:void(0)" class="txt_link2 txt_link_cookies" title="Cookie Policy">Cookie Policy</a> for more information.</p>  </div>  </div> </div> </div></div></div>  <div id="cookies_layer"> <a href="javascript:void(0);" class="btn_cookies_close">close</a> <div class="cookies_layer_inner"> <h2>Samsung Mobile Security <br>Cookie Policy</h2> <p class="cookies_dates">Updated on Jan 17, 2022</p> <div class="cookies_cont"> <p class="cookies_cont_txt">This Cookie Policy describes the different types of cookies that may be used in connection with Samsung Mobile Security website which is owned and controlled by Samsung Electronics Co., Ltd (“Samsung Electronics”). This Cookie Policy also describes how you can manage cookies.<br><br> It’s important that you check back often for updates to the Policy as we may change it from time to time to reflect changes to our use of cookies. Please check the date at the top of this page to see when this Policy was last revised. Any changes to this Policy will become effective when we make the revised Policy available on our website.<br><br> Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region. If you have any questions, the easiest way to contact us is through our Privacy Support Page at <a href="https://www.samsung.com/request-desk" class="txt_link2" target="_blank">https://www.samsung.com/request-desk</a>. </p> <p class="cookies_cont_txt c_center">You can also contact us at:</p> <p class="cookies_cont_txt_box c_center">European Data Protection Officer<br> Samsung Electronics (UK) Limited<br> Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS </p> <h4>Cookies</h4> <p class="cookies_cont_txt">Cookies are small files that store information on your computer, TV, mobile phone, or other device. They enable the entity that put the cookie on your device to recognize you across different websites, services, devices, and/or browsing sessions.<br><br> We use the following types of cookies on this website:<br><br> <b>Essential Cookies</b>: enable you to receive the services you request via our website. Without these cookies, services that you have asked for cannot be provided. For example, these enable to identify users and provide proper service for each user. These cookies are automatically enabled and cannot be turned off because they are essential to enable you to browse our website. Without these cookies this Samsung Mobile Security website could not be provided. </p> <div class="cookies_cont_tb"> <table> <thead> <tr> <th>Cookie</th> <th>Domain</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td>JSESSIONID</td> <td>security.samsungmobile.com</td> <td>to keep login session</td> </tr> <tr> <td>lastActivityTime</td> <td>security.samsungmobile.com</td> <td>to save the user's last activity time to automatically logout after 30 minutes of inactivity</td> </tr> </tbody> </table> </div> <h4>Managing Cookies and Other Technologies</h4> <p class="cookies_cont_txt">You can also update your browser settings at any time, if you want to remove or block cookies from your device (consult your browser's "help" menu to learn how to remove or block cookies). Samsung Electronics is not responsible for your browser settings. You can find good and simple instructions on how to manage cookies on the different types of web browsers at <a href="http://www.allaboutcookies.org" class="txt_link2" target="_blank">http://www.allaboutcookies.org</a>.</p> </div> </div> </div>   <div id="skipnav"> <a href="#gnb">Go straight to the menu</a> <a href="#home">Go straight to the text</a> </div>   <div id="wrap">  <header id="header_wrap"> <div id="header" class="main_header"> <div class="header_inner"> <div class="wrap_top"> <h1 class="logo"><a href="/./main.smsb"><strong>Samsung </strong>Mobile Security</a></h1>  <div class="gnb" id="gnb">  <ul class="menu"> <li><a href="/./workScope.smsb">Security Updates</a> <ul class="submenu"> <li><a href="/./workScope.smsb">Scope</a></li> <li><a href="/./securityUpdate.smsb">Firmware Updates</a></li> <li><a href="/./serviceWeb.smsb">Other Updates</a></li> </ul> </li> <li><a href="/./securityReporting.smsb">Security Reporting</a> <ul class="submenu"> <li><a href="/./securityReporting.smsb">Reporting</a></li> <li><a href="/./securityReportingProcess.smsb">Process</a></li> <li><a href="/./securityReportingRiskClassification.smsb">Severity Classification</a></li> </ul> </li> <li><a href="/./rewardsProgram.smsb">Rewards Program</a> <ul class="submenu"> <li><a href="/./rewardsProgram.smsb">How it works</a></li> <li><a href="/./hallOfFameInfo.smsb">Hall of Fame</a></li> </ul> </li> <li><a href="/./securityPost.smsb">Security Post</a></li> </ul>  <div class="toplink"> <span class="t_btn_login"><a href="javascript:goLogin();" title="Go to login">Login</a></span>  <div class="wrap_search"> <a href="javascript:;" class="open_search">Search</a> <a href="javascript:;" class="close_search" style="display:none">Search Close</a> <div class="wrap_input" style="display:none"> <input id="androidUpdatesWebKey" name="androidUpdatesWebKey" type="text" placeholder="Enter the search word(ex. CVE, SVE.. )" title="search" style="height:100%;border:0px;"> <a href="javascript:androidUpdatesSearch('androidUpdatesWebKey')" class="btn_search">Search</a> </div> </div>   </div> </div>  </div>  <div class="wrap_mobile_menu"> <div class="m_toplink"> <button type="button" class="m_btn_menu" title="Total Menu">Total Menu</button> <button type="button" class="m_btn_menu_close" title="Close the entire menu">Close the entire menu</button> </div> <div class="wrap_m_menu">  <div class="wrap_m_search"> <div class="wrap_input"> <input type="text" id="androidUpdatesMobileKey" name="androidUpdatesMobileKey" placeholder="Enter the search word(ex. CVE, SVE.. )" title="search" style="height:100%;border:0px;"> <a href="javascript:androidUpdatesSearch('androidUpdatesMobileKey')" class="btn_search">Search</a> </div> </div>  <ul class="m_main_menu"> <li><a href="/./workScope.smsb">Security Updates</a></li> <li><a href="/./securityReporting.smsb">Security Reporting</a></li> <li><a href="/./rewardsProgram.smsb">Rewards Program</a></li> <li><a href="/./securityPost.smsb">Security Post</a></li> </ul> <ul class="m_personal_menu"> <li><a href="javascript:goLogin();" title="Go to login">Login</a></li>  </ul> </div> <div class="back_bg"></div> </div>  </div> <div class="submenu_bar"></div> </div> </header>   <script type="text/javascript"> document.title = 'Security Reporting | Samsung Mobile Security'; $(document).ready(function() { $(".menu > li").siblings("li:eq(0)").find("a").addClass("on"); }); function goForm(){ /* if( cookieAccept != 'Y' ) { alert('If you continue to submit report, please accept cookies form this site.'); return; } */ var url = '/securityReportingForm.smsr'; openPage(url); } function fnMove(){ var windowWidth = $( window ).width(); var pos = 60; if(windowWidth <1010){ pos = 0; } var offset = $("#DisclosurePolicy").offset(); if(offset.top > 1000){ pos = 0; } // alert(offset.top); $('html, body').animate({scrollTop : offset.top-pos}, 0); } </script>  <div id="container"> <div class="sub_visual_rn"> <span class="svrn2"></span> <div class="breadcrumb_rn"> <div> <a href="/main.smsb" class="ico_home" title="Go to Home" id="home">Home</a><span class="ico_arw">></span><a href="/securityReporting.smsb">Security Reporting</a><span class="ico_arw">></span><em>Reporting</em> </div> </div> </div> <div class="page_tit"> <h2 class="page_tit_wht">Security Reporting</h2> </div> <div class="wrap_sub_menu"> <ul class="sub_menu"> <li class="on"><span>Reporting</span></li> <li><a href="/securityReportingProcess.smsb"><span>Process</span></a></li> <li><a href="/securityReportingRiskClassification.smsb"><span>Severity Classification</span></a></li> </ul> </div>  <div id="contents"> <div class="wrap_post mt0"> <div class="post_list"> <p class="tit2">If you have identified a potential security vulnerability in any Samsung Mobile product or software,<br><span>please report it here</span><button title="Create Report" class="btn_bl" type="button" onclick='goForm()' style="text-transform:none">Create Report</button></p> <div class="box"> Please carefully read the reporting guidelines below and <a href="./securityReportingRiskClassification.smsb" class="txt_link"><b>Samsung’s security risk classification criteria</b></a> prior to reporting.<br><br> We encourage the reporting party to place the users’ interest first and follow the philosophy of <a href="javascript:fnMove()" class="txt_link"><b>Responsible Disclosure</b></a>, which involves privately notifying us of any security vulnerabilities before disclosing them fully to allow us to resolve the vulnerabilities and minimize overall risk to users.<br> </div> </div> </div> <div class="list_basic"> <div class="txt_section reporting_guidelines pb20"> <strong>Reporting Guidelines</strong> <div class="reporting_guidelines_cont mb0"> <div> <h4 class="reporting_guidelines_tit">Report via ticketing system</h4> <a href="javascript:void(0)" onclick='goForm()' class="btn_reporting_guidelines">Create Report</a> <span>Samsung Account required <a href="javascript:goLogin();" title="Go to login" class="btn_reporting_guidelines_join">JOIN</a></span> </div> <div> <p class="reporting_guidelines_tit">Report by email :</p> <a href="mailto:mobile.security@samsung.com" class="btn_reporting_guidelines_mail">mobile.security@samsung.com</a> <span><a href="./doc/Samsung_Mobile_Security_pub(mobile.security).asc" class="txt_link" title="samsung.com Samsung_Mobile_Security_pub" target="_blank">(with PGP encryption)</a></span> </div> </div> <span class="nsi_ex mt7 mb20">Note: Reports not submitted through "ticketing system", but sent directly to us via email are not eligible for a reward.</span> <ul class="dep_ul"> <li>When reporting the security vulnerability you have identified through the ticketing system, you will be able to receive prompt response and track the status of the ticket you reported in real time while directly communicating with a dedicated security analyst. Samsung Account is required to submit a ticket and you need to create a user account if you do not have an existing account.</li> <li>If you would like to submit a security vulnerability report directly to us via email, please send your report to <a href="mailto:mobile.security@samsung.com" class="txt_link breakall">mobile.security@samsung.com</a> including the detailed technical information and encrypted with Samsung Mobile Security’s <a href="https://security.samsungmobile.com/doc/Samsung_Mobile_Security_pub(mobile.security).asc" class="txt_link" title="samsung.com Samsung_Mobile_Security_pub" target="_blank">public PGP key</a> (Fingerprint: F5F3 8EEC 4388 E4E2 9184 78BD BA2D 9A24 CD38 64BE). We will immediately send the confirmation that we received your report, and share an update of the progress by email.</li> <li>For quick and accurate analysis, we ask you to provide detailed information and we may ask you to provide additional information if necessary.</li> </ul> <div class="txt_section section_required_information"> <strong>Required Information</strong> <ol> <li> All reports should include the following mandatory items in order to be determined eligible. <ul class="list_circle"> <li>Version information of affected products</li> <li>Description of vulnerability, it should properly explain the practical security impact</li> <li>Detailed steps to reproduce the report (if needed, including video, image and other ways)</li> <li>Disclosure plans, if any</li> </ul> </li> <li>High quality report helps us for analyzing and understanding the vulnerability better, and this reduces the time for releasing patch to make users safe.</li> <li>After trying to find ways to offer higher rewards for reports with high impact reports and high quality reports, we are offering extra rewards for <a href="./securityReportingHighQualityReport.smsb" class="txt_link" title="well-written reports" target="_blank">well-written reports</a> with Good Report Bonus.</li> </ol> </div> </div> <div class="txt_section" id="DisclosurePolicy"> <strong>Responsible Disclosure Policy</strong> <ul class="dep_ul"> <li>At Samsung, we take security and privacy issues very seriously, and we value the security research community with our commitment to address potential security vulnerabilities as quickly as possible. The responsible disclosure of security vulnerabilities helps us ensure the security and privacy of our end-consumers.</li> <li>We ask our security research community to: <ul class="list_circle"> <li>Make every effort to avoid privacy violations, degradation of user experience, disruption to internal or external servers, and destruction of data or physical assets during security testing;</li> <li>Use reporting guidelines stated above to report details of potential vulnerabilities as complete as possible; and</li> <li>Keep information about the potential vulnerability discovered confidential between yourself and Samsung until we have remedy in place.</li> <li>Restrain from using any exploits or vulnerabilities for commercial or business purpose.</li> </ul> </li> <li>In return, we commit to: <ul class="list_circle"> <li>Work with you to understand and resolve the potential vulnerability quickly;</li> <li>Make our best effort to resolve security vulnerabilities, and release patches to end-consumers within 90 days; and</li> <li>Reward you, if you choose to participate in our Samsung Mobile Security Rewards Program, and recognize your contribution through our Acknowledgements for eligible reports.</li> </ul> </li> </ul> </div> <div class="wrap_post"> <div class="post_list"> <p class="tit2">Investigating and reporting bugs </p> <div class="box"> Note that two reporting channels linked above are intended for reporting security vulnerabilities of Samsung Mobile products and its related services. If the identified potential vulnerability applies to other Samsung products or services, <a href="https://securityreport.samsung.com/" class="txt_link" title="Samsung Security Reporting" target="_blank">please visit here</a> to report to the corresponding business unit’s reporting channel. </div> </div> </div> </div> </div>  </div>   <footer id="footer"> <div class="in"> <div class="sitemap"> <p>SITE MAP</p> <ul> <li><a href="/workScope.smsb">Security Updates</a></li> <li><a href="/securityReporting.smsb">Security Reporting</a></li> <li><a href="/rewardsProgram.smsb">Rewards Program</a></li> <li><a href="/securityPost.smsb">Security Post</a></li> </ul> </div> <div class="site_link"> <div class="dropdown"><button type="button" class="dropbtn_none btn_footer_cookie" title="Cookie Policy">Cookie Policy</button></div> <div class="dropdown"> <button onclick="myFunction()" class="dropbtn" title="Privacy Policy">Privacy Policy</button> <div id="myDropdown" class="dropdown-content"> <a href="./privacy/global/privacy_notice.html" target="_blank" title="Global">Global</a> <a href="./privacy/us/privacy_notice_us.html" target="_blank" title="US">US</a> <a href="./privacy/eu/privacy_notice_eu.html" target="_blank" title="EU">EU</a> <a href="./privacy/latin/privacy_notice_latin.html" target="_blank" title="Latin America">Latin America</a> <a href="./privacy/korea/privacy_notice_korea.html" target="_blank" title="Korea">Korea</a> <a href="./privacy/brazil/privacy_notice_brazil.html" target="_blank" title="Brazil">Brazil</a> <a href="./privacy/turkey/privacy_notice_turkey.html" target="_blank" title="Turkey">Turkey</a> <a href="./privacy/vietnam/privacy_notice_vietnam.html" target="_blank" title="Vietnam">Vietnam</a> </div> </div> <div class="dropdown"><button type="button" onclick="location.href='http://www.samsung.com'" class="dropbtn_none" title="Samsung.com site new window">Samsung.com</button></div> </div> <button class="wtop" type="button" title="Move the screen to the top">Top</button> <span class="copy">Copyright© 2017 SAMSUNG All Rights Reserved.</span> </div> </footer>  </div>  <form method="post" name="menuMoveForm" id="menuMoveForm" action="/myRequest.smsr" > <input type="hidden" id="timeZoneHour" name="timeZoneHour" value="0" title="timeZoneHour"> <input type="hidden" id="portalIssue" name="portalIssue" value="0" title="portalIssue"> <input type="hidden" id="draftId" name="draftId" value="0" title="draftId"> </form> <form method="post" name="androidUpdatesSearchForm" id="androidUpdatesSearchForm" action="/androidUpdatesSearch.smsb" > <input type="hidden" id="androidSearchText" name="androidSearchText" value="" title="timeZoneHour"> </form> <script type="text/javascript" src="/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=775224071" async></script></body> </html>

CINXE.COM

Samsung Mobile Security