Vulnerability disclosure

The safety of our customers is one of CROSSCALL's top priorities. It drives us at every stage of our product design process. Even after our products are launched on the market, we do everything we can to be responsive and address any potential security flaws and vulnerabilities in our products.

CROSSCALL adheres to the principles of responsible vulnerability disclosure and encourages you to report any security vulnerabilities you detect in good faith using the reporting form.

 

CREATE A REPORT 

 

CROSSCALL's commitments

Responsible disclosure of security vulnerabilities helps to ensure customer safety.
CROSSCALL therefore treats each form received with care and undertakes to remedy potential security vulnerabilities as quickly as possible.

  • Treat each form with care and inform you that it has been taken into account within 7 calendar days;
  • Work with the reporter to understand the vulnerability;
  • Implement the necessary actions to quickly resolve the potential vulnerability;
  • Distribute fixes to consumers as quickly as possible, depending on the vulnerability addressed. This information will be communicated to you as part of our exchanges;
  • Publish the vulnerabilities that have been addressed.

 

Commitments of the declarant

  • Comply with all applicable laws in the context of your IT security research activities;
  • Use the form to report potential vulnerabilities as comprehensively as possible and provide sufficient information so that CROSSCALL can reproduce the vulnerability and resolve it quickly;
  • As soon as a vulnerability is discovered, please maintain confidentiality regarding this security breach while the fix is being processed on our equipment, in particular to avoid any personal data breaches, disruption to internal or external servers, and destruction of data or physical property;
  • Do not use vulnerabilities for commercial or professional purposes and, in general, do not take advantage of the vulnerability discovered.

Please note that the discovery of a vulnerability does not in any way imply any intellectual property rights or claims on CROSSCALL software or products.

If you wish to contact CROSSCALL for questions about your products, technical support information or an after-sales service issue, please use the appropriate form.