The safety of our customers is one of CROSSCALL's top priorities. It drives us through every stage of designing our products. Even after they hit the market, we do everything we can to be responsive and address potential security flaws and vulnerabilities in our products.

CROSSCALL adheres to the principles of responsible vulnerability disclosure and encourages you to report any security vulnerabilities you have found in good faith via the reporting form.

To assist you in this process, CROSSCALL has established this vulnerability disclosure policy. CROSSCALL informs you about the vulnerability handling process, from the receipt by CROSSCALL to the publication by CROSSCALL of verified and fixed vulnerabilities.

• Respect all applicable laws in the context of your cybersecurity research activities;
• Use the form to report potential vulnerabilities as thoroughly as possible and provide enough information so that CROSSCALL can reproduce the vulnerability and resolve it quickly;
• Upon discovering a vulnerability, please maintain confidentiality about this security flaw during the time it takes to distribute the patch on our devices, especially avoiding any personal data breaches, degradation of user experience, server disruptions, or destruction of any data.
• Do not disclose the reported vulnerability during the processing period by CROSSCALL (90 days duration)
• Refrain from using the reported vulnerability for offensive, commercial, or professional purposes.

It is reminded that discovering a vulnerability does not grant any intellectual property rights or claims over Crosscall’s software or products.

If you wish to contact CROSSCALL regarding your products, information about technical support, or a service issue, please use the appropriate form.