Product Security

To provide a method for external groups to report vulnerabilities, ST Engineering iDirect has established a communication channel as a connection point to our Product Security team. To submit a vulnerability please complete the below form. Upon completion, you will receive further instructions on how to securely transmit any reports or proof of concept code.

 

We request the following when reporting a vulnerability:

  • Please provide your disclosure in English
  • Include specific information including model, serial number, location, software version(s) and how the product was obtained
  • If you have proof-of-concept for the exploit, please include the code and an explanation of the functionality
  • Do not transmit any sensitive information until you are provided with a secure method to do so

We will:

  • Acknowledge receipt of your report
  • Send instructions on transmitting your report and proof-of-concept code in a secure manner
  • Conduct an internal assessment of the vulnerability
  • Follow our internal procedures for vulnerability handling and disclosure

Thank you for participating in responsible disclosure practices.