2025-02-23 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)11/24 Report--
Thanks to CTOnews.com netizen Bai Zhantang for the tip! CTOnews.com, September 11: Xiaomi Security Center recently announced the launch of the 2023 Xiaomi mobile phone guardian plan. The plan's bonus pool totals 1 million yuan, and the activity runs from September 5 to October 6.
The test models are the Xiaomi 13 series, and participants in the guardian plan must purchase the test devices themselves. If a submitted valid vulnerability meets the requirements for inclusion in the guardian plan, the product purchase cost will be reimbursed (invoice provided); otherwise no reimbursement will be made.
CTOnews.com attaches the exploitability requirements:
Official latest stable ROM
Browser version updated to the latest version via Xiaomi App Store
Keep the default system settings, or use the phone settings normally, without any special changes
The exploit cannot request or use Accessibility permissions
Undisclosed 0-day vulnerabilities whose details and PoC have not been exposed (open vulnerabilities in Chrome playlist are not included in the reward program)
All vulnerabilities (including root escalation) are validated only once across all scenarios and are considered duplicates if re-exploited in other scenarios or in an exploit chain.
Vulnerability verification method
White hats are required to submit a full exploit report, including:
A detailed vulnerability analysis report, including the necessary call chain descriptions and screenshots
Source code of the PoC or exploit (exp) that verifies the vulnerability
A recorded video, uploaded with the report, if there are multiple interactive scenes or certain demonstration effects
The Xiaomi security team will reproduce vulnerabilities in the environment described in the exploitability requirements
Successful reproduction confirms that the vulnerability and attack scenario are established
If reproduction fails, valid vulnerabilities within the exploit chain will be converted and rewarded separately.
Vulnerability validity
The validity of the vulnerability is subject to the first submission, and subsequent duplicate vulnerabilities are not included in the reward scope of the Xiaomi 13 Guardian Program.
Where a PoC chain contains multiple vulnerabilities and some of them are duplicates, scenario conversion is performed on the non-duplicated vulnerabilities in the chain (if the complete PoC chain contains 3 vulnerabilities and only one of them is not a duplicate, the reward will be 1/3 of the complete reward).
Reward standard
The total bonus pool of this guardian plan is RMB 1 million. Reward formula: basic reward × interaction coefficient + challenge bonus (for completing a challenge item).
Bug Coverage & Reward:
Interaction coefficient:
Challenge:
Obtaining Xiaomi * full root privileges in any scenario through an undisclosed 0-day vulnerability (except via the official root tool) is directly rewarded with a 100,000 yuan bonus.
If an undisclosed 0-day vulnerability allows the phone to be unlocked directly by booting in any scenario, a bonus of 100,000 yuan is awarded directly.
Remarks:
For security vulnerabilities, interaction includes but is not limited to inducing users to click links, phishing emails, multiple interactions, etc. There are three types: no interaction, weak interaction and strong interaction.
Remote: refers to exploiting vulnerabilities without installing applications or physically contacting the device, including through web browsing, reading SMS/MMS, sending and receiving emails, file downloading, wireless network communication (excluding short-range communication with a communication distance of less than 10 cm), etc.
Near field communication: NFC, Bluetooth
Silent installation: refers to an application being installed while the attacked user is completely unaware of it (for example, an automatic installation by the application store that shows a pop-up prompt does not count as silent installation)