Eligibility Criteria

Scope of the Program

Our Bug Bounty reward program scope includes:

  • Hardware / Software vulnerabilities on Samsung TV:
    • - Models from years 2017 to 2019.
  • Vulnerabilities on Samsung TV software:
    • - Smart Hub and core components (e.g. Web browser, AllShare, Media Player, etc.).
    • - Samsung TV apps released by Samsung Electronics Co., Ltd..
    • - Vulnerabilities on Samsung TV web infrastructures that directly support the operation of Samsung TV.
  • Note: we do not publish the list of web infrastructures that directly support the operation of Samsung TV.

We will not reward:

  • Non-security related bugs.
  • Vulnerabilities on any system / device / app / website not mentioned above.
  • Vulnerabilities on websites providing commercial, informational or support related contents (even if related to TV).
  • Vulnerabilities that have little or no impact (e.g. XSS that cannot lead to any exploit on a minor website).
  • Security bugs in third-party applications.
  • Security bugs in third-party websites integrated with Samsung.

Code of Conduct

Ethical Testing

Your activities during vulnerability research should not threaten or impact the business, services or users of Samsung and our partners.

By impact we mean affecting confidentiality, integrity or availability of devices, infrastructure and services.

Please refrain from:

  • Accessing 3rd party accounts or data (please use test accounts).
  • Attempting denial of service attacks.
  • Using Spam, Phishing or other social engineering techniques.

More generally, please do not attempt any unethical or illegal activity during testing.

We will not pursue legal action against security researchers who conduct testing in an ethical manner as specified above.

Last update: 09.May.2019  

All contents copyright © Samsung Electronics Co., Ltd.