Playstation’s bug bounty program is already bearing fruit apparently, as HackerOne has released a warning about a Playstation kernel vulnerability in the console’s 7.02 firmware update. The vulnerability can result in attacks, user information being stolen, and the ability to dump and run pirated games. Playstation has since patched the vulnerability.
Last week, Playstation announced that it would be holding a bug-hunting bounty program with cash rewards in exchange for warning Playstation of various bugs and issues in the Playstation 4 console and Playstation Network.
Considering that years ago Playstation was hit with such a devastating security breach that the company was sued for it, it’s not all that surprising that the company established such a program in cooperation with HackerOne. Especially since the plan is already bearing fruit.
With the Playstation 5 getting closer and closer to launching, it’s all the more important that Playstation learn of vulnerabilities in its systems to prevent people from getting into more user information, and the Playstation kernel vulnerability may only be one such vulnerability discovered.
The lucky person to discover the vulnerability to begin with goes by the name theflow0 on HackerOne, where he then engaged in discussion with Playstation on various particulars with the vulnerability. Playstation patching the vulnerability the very day they learned about it also shows how serious they are about security these days.
In a day and age when many different large companies are being targeted and the information of their customers compromised or stolen, it’s good that Playstation is relying not just on its own research teams but also on third-party hackers and technically-inclined gamers that can help them find more vulnerabilities.
Only time will tell if this does turn out to be the only such vulnerability or not, but we can rest a bit easier knowing that at least one Playstation kernel vulnerability has been found and patched out.