How to Report a Potential Vulnerability Found From a Penetration Test or Other Such Testing
If a potential vulnerability or exploit was discovered and you would like to inform OpenEye of your findings, please provide the following items in an email to support@openeye.net.
Included items in report email
- CVE (Common Vulnerabilities and Exposures) number.
- Reference the US government website for the CVE number: https://www.cisa.gov/known-exploited...lities-catalog
- Serial numbers of affected devices.
- To find your recorder serial number, refer to Where do I Find my Serial Number on my Product?
- Copy of the scan results showing the vulnerability.
- Include the version of software and image on affected devices.
- The firmware needs to be up to date. We do not report vulnerabilities on older software versions. After your firmware is up to date, retest for security vulnerabilities.
- Refer to How Do I Check My OS Image Version? to find your image and software version.
Note: Most vulnerabilities from outdated software are likely to be resolved in current versions. Contact our technical support team if you are experiencing issues updating your recorder or additional questions regarding vulnerabilities.