Cyber Security

Chinese phone manufacturer ZTE launches public bug bounty program

Mobile phone manufacturer ZTE has announced it has launched a public bug bounty program offering up to €2,000 ($2,300) for security vulnerabilities.

The program, launched in partnership with French vulnerability disclosure platform YesWeHack, invites researchers to look for security flaws in ZTE products.

A press release published last night (October 11) detailed several in-scope product categories, including ZTE’s 5G Common Core network, 5G NR broadcast tech, and fixed network, along with multimedia, cloud video, cloud computing, database management systems, and terminal products.

ZTE web applications and other devices not listed on YesWeHack’s website are out of scope.

Publicly available

A spokesperson for YesWeHack told The Daily Swig that the program is an expansion of a private offering for invite-only researchers.

The program invites both individuals and groups of up to five to participate. The biggest rewards are for critical bugs including remote code execution.

Zhong Hong, chief security officer at ZTE, said: “Through openness and transparency, we try to give our customers confidence by letting them see what we do and how we provide end-to-end security.”

Hong added: “Our partnership with YesWeHack will help to enhance the security of ZTE’s products and confront new challenges brought by the 5G network commercialization.”

Source: https://portswigger.net/daily-swig/chinese-phone-manufacturer-zte-launches-public-bug-bounty-program

Click to comment

You May Also Like

Cyber Security

A new report says a cyber threat actor within Russia’s military intelligence service leveraged a novel malware campaign targeting Android devices used by the...

Cyber Security

Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that...

Cyber Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two...

Cyber Security

Businesses and developers are focusing more on the security of applications in their digital environment as cyber threats and data breaches continue escalating. The...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO

Exit mobile version