Follow These Steps to Report a Potential Security Vulnerability

Send an email to and include as much information as possible:

  • Your contact information
  • Product name with any version or revision numbers
  • Name of the person who found the vulnerability
  • Date when the vulnerability was detected and details about how it was discovered
  • Detailed technical description of the potential vulnerability
  • Detailed description of potential exploits
  • A Common Vulnerability Scoring System (CVSS) score if possible

How S4DX´s PSIRT Responds to Reports

S4DX´s PSIRT will use the following steps to respond to a report of a potential security vulnerability:

  1. Notification: S4DX receives the report and acknowledges the receipt of the information
  2. Review: S4DX reviews the information provided to determine if an S4DX product is indeed affected and if there is sufficient data in the report to begin an investigation
  3. Analysis: Once all the necessary information is received, S4DX does an in-depth technical investigation into the reported potential vulnerability
    • S4DX also uses CVSS v3.0 to score the vulnerability so that it is prioritized for analysis and remediation
  4. Corrective actions: If the security vulnerability is verified, S4DX takes the appropriate actions for remediation of the issue
  5. Disclosure: S4DX releases information about the verified vulnerability where appropriate and may make details about the remediation actions available in a security advisory or a bulletin

Our Responses to Reported Vulnerabilities

Known Vulnerabilities

Shortened description Severity Publish Date Last modified
No Vulnerabilities Reported Yet

Nossas respostas às vulnerabilidades relatadas (versão em português)

Vulnerabilidades conhecidas

Descrição resumida Severidade Data de publicação Ultima modificação
Nenhuma Vulnerabilidade ainda relatada

Our Responsible Disclosure Policy

S4DX PSIRT follows a coordinated vulnerability responsible disclosure policy that you should review before you submit a report. It is based on ISO/IEC 29147:2020 and ISO/IEC 30111:2019, and it describes the nature of the expectations and relationship between S4DX and you.