Skip to main content
If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Nintendo offering up to $20,000 to anyone who can discover 3DS hardware vulnerabilities

Stephany Nunneley-Jackson avatar
News by Stephany Nunneley-Jackson News Editor
Published on

Are you rather good at discovering hardware vulnerabilities? If so, Nintendo wants your help.

new_3ds_01

According to a notice from the company in partnership with HackerOne, Nintendo is offering up to $20,000 for the discovery of critical security vulnerabilities with 3DS systems.

The invitation is open to "highly skilled researchers" to find and address vulnerabilities which could "jeopardize the hardware environment."

Subjects listed below are examples of what Nintendo is keen on preventing:

Piracy, including:

  • Game application dumping
  • Copied game application execution
  • Cheating, including:
  • Game application modification
  • Save data modification
  • Dissemination of inappropriate content to children

Vulnerabilities:

  • System vulnerabilities regarding the Nintendo 3DS™ family of systems
  • Privilege escalation on ARM11 userland
  • ARM11 kernel takeover
  • ARM9 userland takeover
  • ARM9 kernel takeover
  • Vulnerabilities regarding Nintendo-published applications for the Nintendo 3DS™ family of systems
  • ARM11 userland takeover
  • Hardware vulnerabilities regarding the Nintendo 3DS™ family of systems
  • Low-cost cloning
  • Security key detection via information leaks

Of course, there are terms and conditions to the incentive, and Nintendo reserves the right to choose "whether or not it will address" any reported vulnerabilities.

"Nintendo will pay rewards to the first reporter of qualifying vulnerability information ranging from $100 USD to $20,000 USD. Only one reward per qualifying piece of vulnerability information will be awarded. Nintendo will determine at its discretion whether the vulnerability information qualifies for a reward as well as the amount of any such reward. Nintendo does not disclose how the reward amount is calculated. Vulnerability information that is already known to Nintendo or the public, for example, does not qualify for a reward. Rewards will not be issued to individuals who are on sanction lists, or who are in countries on sanction lists."

More information is provided through the links.

Sign in and unlock a world of features

Get access to commenting, homepage personalisation, newsletters, and more!

Related topics
Hacking Nintendo Nintendo 3DS Nintendo DS
About the Author
Stephany Nunneley-Jackson avatar

Stephany Nunneley-Jackson

News Editor

Stephany is VG247’s News Editor, with 22 years experience (with 15 of them at VG247). With a brain that lacks adhesive ducks, the ill-tempered, chaotic neutral fembot does her best to bring you the most interesting gaming news. She is also unofficially the site’s Lord of the Rings/Elder Scrolls Editor.
Comments