Nintendo has this week announced it is offering up to $20,000 to anyone who can find security vulnerabilities within its new Switch console.
The bounty is currently only for vulnerability information regarding the Nintendo Switch system and the Nintendo 3DS family of systems and is not seeking vulnerability information regarding other Nintendo platforms, network service, or server-related information.
Below are examples of types of activities that Nintendo is focused on preventing:
• Piracy, including:
• Game application dumping
• Copied game application execution
• Cheating, including:
• Game application modification
• Save data modification
Below are examples of vulnerabilities that Nintendo is interested in receiving information about:
• System vulnerabilities regarding Nintendo Switch
• Privilege escalation from userland
• Kernel takeover
• ARM TrustZone takeover
• Vulnerabilities regarding Nintendo-published applications for Nintendo Switch
• Userland takeover
• System vulnerabilities regarding the Nintendo 3DS family of systems
• Privilege escalation on ARM ARM11 userland
• ARM11 kernel takeover
• ARM ARM9 userland takeover
• ARM9 kernel takeover
Vulnerabilities regarding Nintendo-published applications for the Nintendo 3DS family of systems
• ARM11 userland takeover that doesn’t require other hacks or tools (“secondary” exploits would be those that require other hacks or tools to be effective; those would be out of scope for this program)
• Hardware vulnerabilities regarding either the Nintendo Switch system or the Nintendo 3DS™ family of systems
If you think you have the skills to be able to find any security vulnerabilities within the new Nintendo Switch console jump over to the Hacker One website for full details and how to claim your bounty.
No comments:
Post a Comment