2021/12/06: Samsung offered us a $250 reward for reporting a vulnerability on the Galaxy A71 5G, which refers to the security requirement S15.
2021/11/30: Xiaomi Security Center confirmed the UE (Redmi K30i 5G) violates the security requirement S12 and assigned it as a middle impact vulnerability. They also offered us a reward of 1500 RMB for the reporting.
2021/11/30: Xiaomi Security Center confirmed the UE (Redmi K30i 5G) violates the security requirement S1, S4, S18, S20 and S22. They assigned them as low impact level.
2021/11/07: Samsung confirmed the UE (Galaxy A71 5G) violates the security requirement S2. They are already preparing the patch, and it is expected to be released in early December 2022.
2021/11/06: Samsung confirmed the UE (Galaxy A71 5G) violates the security requirement S15. They are already working on the fix so that they can patch the vulnerability as soon as possible.
2021/10/25: Samsung confirmed the UE (Galaxy A71 5G) violates the security requirement S12. They are already preparing the patch, and it is expected to be released soon via security or software update.
New updates: Google confirmed the UE Nexus 6P and Nexus 6 violates the security requirement S6. They will fix for Nexus 6P in the next version.
We reported the security requirement violations to the corresponding device vendors.