Wednesday, April 12, 2017

Nintendo Will Pay You For Discovering Nintendo Switch Vulnerabilities

Through the Hacker One program, Nintendo will reward those who successful uncover exploits and vulnerabilities for Nintendo Switch hardware and software. The program is already in operation for the 3DS and Wii U, but now Nintendo have extended the reward scheme for their latest home console.
Below are examples of vulnerabilities that Nintendo is interested in receiving information about:
  • System vulnerabilities regarding Nintendo Switch
    • Privilege escalation from userland
    • Kernel takeover
    • ARM® TrustZone® takeover
  • Vulnerabilities regarding Nintendo-published applications for Nintendo Switch
    • Userland takeover
  • System vulnerabilities regarding the Nintendo 3DS family of systems
    • Privilege escalation on ARM® ARM11™ userland
    • ARM11 kernel takeover
    • ARM® ARM9™ userland takeover
    • ARM9 kernel takeover
  • Vulnerabilities regarding Nintendo-published applications for the Nintendo 3DS family of systems
    • ARM11 userland takeover that doesn’t require other hacks or tools (“secondary” exploits would be those that require other hacks or tools to be effective; those would be out of scope for this program)
    • Hardware vulnerabilities regarding either the Nintendo Switch system or the Nintendo 3DS™ family of systems
  • Low-cost cloning
  • Security key detection via information leaks


Cash incentives start at $100 and can increase up to $20,000.

No comments:

Post a Comment