Vulnerability Disclosure Policy
Vulnerability Reporting and Response Process:
RISION attaches great importance on cybersecurity of its products and solution. We promise that for every problem reported, there is a specially assigned person to follow up, analyze and give feedback in time.
RISION supports responsible vulnerability reporting procedures, and respect the research results of every white hat, who will be welcomed to report the vulnerability to RISION. RISION request the vulnerability reporter keep the vulnerability confidential until RISION releases the public Security Advisory.
How to Report Vulnerabilities
If you discover any potential security risks or vulnerabilities related to our products, please notify us promptly via email at: [support@rision.com]. We appreciate your efforts in helping to maintain a secure product ecosystem.
Note:
To ensure that the vulnerability information you submit is effectively evaluated and addressed, please include the following key details in your email (but not limited to):
Your name and contact information;
The specific product name, model, and firmware/software version number affected;
A detailed description of the vulnerability, including its type and potential impact;
The conditions required to trigger the vulnerability or the steps to reproduce it;
Any supplementary materials that may assist us in verifying and resolving the issue.
Vulnerability Response
Upon receiving your vulnerability report, we will send you an email within 24 hours to notify you that the response process has been initiated, along with confirmation of the vulnerability details and our initial feedback. We will also provide updates on the progress of the fix via email as soon as possible.
Note: Actual response times may vary depending on the severity and complexity of the vulnerability.
Note: Until an official security advisory is released, vulnerability reporters must keep the details of the vulnerability confidential.



