ZERONIX MISSION
Program Overview
Zeronix pays considerable bounties to security researchers to acquire their original and previously unreported zero-day research. We acquire high-risk vulnerabilities with fully functional exploits, and our rewards are comparable to those in the market (up to $100,000 per submission).
Eligible Research
We acquire zero-day exploits and innovative security research related to the following products:
Operating Systems
Remote code execution or local privilege escalation, or VM escape:
- Microsoft Windows
- Linux / BSD
- Apple macOS
- ESXi / Hyper-V
Mobiles / Smartphones
Remote code execution, or privilege escalation, or any other research:
- Apple iOS
- Android
Web Servers
Remote code execution or information disclosure:
- Apache HTTP Server
- Microsoft IIS Server
- nginx web server
- PHP / ASP / Node.js
- OpenSSL / mod_SSL
- mod_security
Email Servers
Remote code execution or information disclosure:
- MS Exchange
- Dovecot
- Postfix
- Exim
- Sendmail
Web Apps / Panels
Remote code execution or information disclosure:
- cPanel / Plesk / Webmin
- WordPress Core
- Joomla / Drupal
- vBulletin / MyBB / phpBB
- Roundcube / Horde
Research / Techniques
Research, exploits or new techniques related to:
- WiFi / Baseband RCE
- Routers / IoT RCE
- AntiVirus RCE/LPE
- Tor De-anonymization
- Mitigations Bypass
NOTE: If you have discovered a zero-day exploit affecting a product which is not listed above, feel free to submit minimal details and we will be glad to discuss the opportunity.
Zeronix Payouts
Bounties for eligible zero-day exploits range from $1,000 to $100,000 per submission. The amounts paid by Zeronix to researchers to acquire their original zero-day exploits depend on the popularity and security level of the affected software/system, as well as the quality of the submitted exploit (full or partial chain, supported versions/systems/architectures, reliability, bypassed exploit mitigations, default vs. non-default components, process continuation, etc.). For more information, please read our FAQ.
The payout ranges listed below are provided for information only and are intended for fully functional/reliable exploits meeting Zeronix's highest requirements. Zeronix may pay even higher rewards for exceptional exploits and research.
Zeronix Payouts for Desktop/Servers
| Product | Type | Payout |
|---|---|---|
| Win Zero Click | RCE | Up to $75,000 |
| MS Outlook | RCE | Up to $30,000 |
| MS Exchange | RCE | |
| Adobe Acrobat Reader | RCE+SBX | Up to $10,000 |
| Remote Desktop | RCE | |
| Antivirus | LPE | Up to $5,000 |

| Product | Type | Payout |
|---|---|---|
| Apache | RCE | Up to $50,000 |
| OpenSSL | RCE | Up to $25,000 |
| PHP | RCE | |
| Sendmail | RCE | Up to $20,000 |
| Postfix | RCE | |
| Dovecot | RCE | |
| Exim | RCE | |
| nginx | RCE | |
| WordPress | RCE | Up to $10,000 |
| cPanel/WHM | RCE | |
| Plesk | RCE | |
| Webmin | RCE | |
| tar | RCE | Up to $8,000 |
| Linux | LPE | |
| BSD | LPE | |
| phpBB | RCE | Up to $5,000 |
| vBulletin | RCE | |
| MyBB | RCE | |
| Joomla | RCE | |
| Drupal | RCE | |
| Roundcube | RCE | |
| Horde | RCE | |

| Product | Type | Payout |
|---|---|---|
| VMware ESXi | VME | Up to $20,000 |
| Thunderbird | RCE | |
| VMware WS | VME | Up to $8,000 |
| USB | LPE | Up to $5,000 |
| Routers | RCE | Up to $5,000 |

| Product | Type | Payout |
|---|---|---|
| Safari | RCE+PLE | Up to $10,000 |
| macOS | LPE/SBXE | Up to $5,000 |
Zeronix Payouts for Mobiles
| Product | Type | Payout |
|---|---|---|
| Android Zero Click | FCP | Up to $100,000 |
| Chrome | RCE+PLE | Up to $50,000 |
| SBX for Chrome | SBX | Up to $20,000 |
| Chrome w/o | RCE + SBX | |
| LPE for System | LPE | Up to $10,000 |
| PIN Bypass | - | |

| Product | Type | Payout |
|---|---|---|
| iOS Zero Click | FCP | Up to $80,000 |
| iMessage Zero Click | RCE+PLE | Up to $70,000 |
| Persistence | - | Up to $50,000 |
| iMessage | RCE+PLE | |
| Safari | RCE+PLE | |
| SBX for Safari | SBX | Up to $20,000 |
| Safari w/o | RCE+SBX | |
| Passcode Bypass | - | Up to $10,000 |
| Touch ID Bypass | - | |

| Product | Type | Payout |
|---|---|---|
| WhatsApp Zero Click | RCE+PLE | Up to $80,000 |
| | RCE+PLE | Up to $70,000 |
| SMS/MMS | RCE+PLE | |
| | RCE+PLE | Up to $50,000 |
| FB Messenger | RCE+PLE | |
| Signal | RCE+PLE | |
| Telegram | RCE+PLE | |
| Email App | RCE+PLE | |
| Baseband | RCE+PLE | Up to $20,000 |
| Kernel/Root | PLE | |
| Media Files | RCE+PLE | |
| Documents | RCE+PLE | |
| Code Signing Bypass | - | Up to $10,000 |
| WiFi | RCE | |
| RCE via MitM | RCE | |
| Information Disclosure | - | |
| [k]ASLR Bypass | - | |

Submission Process
Zeronix reviews and validates all submissions within two weeks. Payments are made in cryptocurrencies (e.g. Bitcoin, Monero, Zcash). The payment is sent within two weeks.
