Eversolo Security Center
Security Breach Response
Eversolo
attaches great importance to security issues, and we welcome security
researchers to provide us with feedback on potential security issues to improve
the security of our products and services.
Vulnerability Response and
Disclosure Process
1. Recipient
Monitor
and and assign received vulnerabilities in a timely manner.
2. Verification
Conduct
technical verification of the effectiveness of vulnerabilities, confirming
their exploitability and potential impact.
3. Solution Development
Provide
effective fix solutions or risk remediations measures.
4. Affected Scope Confirmation
Investigate
and confirm the complete scope of affected products.
5. Disclosure of
Vulnerabilities
Review
and publish security recommendations for the vulnerability after confirming the
completion of all vulnerability response processes.
Vulnerability Submission
Please report any security vulnerability via email to: service@eversolo.com
The
email should at least contain the following items:
-
Organizational information and contact details;
-
Affected products models, serial numbers/MAC, purchase date, where you
purchased and firmware versions;
-
Descriptions of the vulnerabilities;
-
Exploitation methods of the vulnerabilities;
-
Vulnerability disclosure plan;
-
Other information (if any).
Attention
Although we encourage
investigation of potential security breaches, we cannot tolerate any activity
that may interfere with legitimate users or may violate applicable computer
abuse, cyber security and data protection regulations. Therefore, the following
activities are prohibited:
-
Modification or destruction of data
-
Service disruption or degradation, such as DoS
-
Disclosure of personal, proprietary or financial information
Response Time
Upon receipt of the
vulnerability you have submitted, we will send you a notification via email
within 48 hours to commence the vulnerability response, along with confirmation
and feedback on the nature of the vulnerability. The subsequent progress of the
vulnerability will also be continuously updated in the email as soon as
possible.
*Note: The actual
vulnerability response time may vary depending on the risk level and complexity
of the vulnerability.
Vulnerability Disclosure Instructions
When an external party
discovers or is concerned about a potential vulnerability, but we have not yet
fully confirmed it, we will disclose basic information about the vulnerability
and our investigation via email.
The vulnerability
information shall be kept confidential until Eversolo releases the formal
security advisory to the public.
When the vulnerability has been confirmed to be fixed, new firmware will be released, and a firmware update change log will be published, containing a description of the vulnerabilities that have been solved. *Eversolo Download Center
Product Support Policy
We strive to provide continuous security updates for our products. The security updates generally include the latest patches, vulnerability fixes, and other security improvements. We will generally maintain security updates for at least two years from the launch date of a product. However, the security update situation may vary by product, so please pay attention to our announcements. We will regularly publish and update information about the security of Eversolo products on this page to help you check your device’s security updates.
|
Product Type |
Model Name |
Release Date |
|
Streamer |
DMP-A6 |
05/2023 |
|
Streamer |
DMP-A6 Master Edition |
05/2023 |
|
Streamer |
DMP-A8 |
11/2023 |
|
Power Amplifier |
AMP-F2 |
12/2023 |
|
D/A Converter |
DAC-Z6 |
10/2022 |
|
D/A Converter |
DAC-Z8 |
10/2022 |
|
Portable Audio |
H1 |
11/2022 |
|
Portable Audio |
H2 |
11/2022 |
Note: Security update
policies and products are subject to change and will be reviewed on a regular
basis.
