Security company Crowdfense willing to pay up to $3 million for exploits for zero-day vulnerabilities in iOS and Android under the new program.
Last year the company launched the reward program for the found vulnerabilities with a budget of $10 million this year, the company increased the total program budget and added a few new fields of research, such as network equipment, Wi-Fi/Baseband and messengers.
The chain exploits for previously unknown vulnerabilities, the company was prepared to write a check in the amount of $100 thousand to $3 million Price for the exploits for the part of the chain will be set individually for each case.
The company is interested in exploits for zero-day vulnerabilities allowing remote code execution in the browsers Google Chrome and Apple Safari. For functional exploits for vulnerabilities in the Windows version of Chrome the company will pay up to $1.5 million, exploits for vulnerabilities in macOS-Safari, up to $500 thousand.
Crowdfense offers up to $2.5 million for the exploits for vulnerabilities in the iOS version of Safari that allows remote code execution to elevation of privileges and up to $3 million for exploits for vulnerabilities in iOS that allows remote code execution without user interaction.
Exploits for vulnerabilities in the Android version of Chrome that allows remote code execution to elevation of privileges, is estimated at $2 million, at the same time, RCE exploits for vulnerabilities that do not require user interaction, are up to $3 million
The company also offers up to $1.5 million for the exploits for vulnerabilities in applications, instant messaging and SMS application that allows remote code execution without user interaction. If the exploitation of the vulnerability requires user interaction, the price is reduced to $1 million
Exploits for vulnerabilities in routers that allows remote code execution, can bring researchers up to $100k For exploits for RCE-vulnerabilities in Wi-Fi protocols, and the level of Baseband, allowing for local privilege escalation, the researchers can earn up to $500 thousand.
Read more •••