Security Notifications

Dangbei Security Guides & Notifications

Security Notifications
Report a Vulnerability
Vulnerability Disclosure Policy

Please select a security notification below for details:

SECURITY NOTIFICATION	PRODUCT	ID	RELEASE DATE

Legal Statement: Complies with The UK Product Security and Telecommunications Infrastructure (Product Security) requirements. Dangbei will provide security updates for 5 years from purchase.

Product Name	Launch Date	Update Period with End-Date
DBOX02	28/05/2024	28/05/2029
DBOD02 (Atom)	19/02/2024	19/02/2029
DBOX01 (Mars)	21/06/2023	21/06/2028
DBOD01 (Neo)	16/05/2023	16/05/2028
DBX3 Pro (Mars Pro)	23/02/2022	23/02/2027
N1	20/02/2023	20/02/2028
N2	11/06/2024	11/06/2029

Dangbei Vulnerability Disclosure Policy

Dangbei and its sales companies ("we", "us", "our") collect information on security vulnerabilities in our products and services (the "Products"), investigate their impact and disclose information as necessary to ensure that our customers can use our Products with confidence.

1. Application

This policy applies to all vulnerabilities (*1) reported to us. Customers are requested to read and comply with this policy carefully before reporting vulnerabilities.

*1: Vulnerability for the purposes of this policy is defined as an attack against a product that can adversely affect its confidentiality, integrity or availability.

2. How to report vulnerabilities

If you discover a new vulnerability (undisclosed vulnerability) for your product, please submit a report via the link below.

Report a Vulnerability

3. The process after a vulnerability report

3.1 Acknowledgement of receipt

The customer submitting the report (the "Rapporteur") will receive an acknowledgement of receipt from us within ten working days, starting from the day after the day on which the report is sent.

3.2 Identification of vulnerabilities

The received vulnerabilities are checked by our technical team and the results are fed back to the reporter.

3.3 Addressing vulnerabilities

If we determine that the product is vulnerable, we will provide the reporter with a fixed module that addresses the vulnerability or provide a workaround. Please note that when we provide a fixed module, we may ask the reporter to confirm that the vulnerability has been properly addressed.

3.4 Vulnerability disclosure.

If it is deemed necessary to inform customers other than the reporter, the security advisory will be posted on the following website as soon as the information can be disclosed, so that customers can implement appropriate measures.

In addition, if the reporting party makes the disclosure, the reporting party is requested to coordinate the content of the disclosure (e.g. not including information that may give the attacker an advantage) and the schedule of the disclosure.

Security Advisery

4. About Rewards

We sincerely appreciate those who take the time and effort to report vulnerabilities in accordance with this policy, but we do not offer any compensation for reporting vulnerabilities. Thank you for your understanding.

5. Prohibitions against the reporter

With regard to the disclosure of vulnerabilities The reporting party must not disclose vulnerability-related information to third parties without a valid reason. However, if you need to disclose vulnerability-related information for legitimate reasons, please consult us in advance.
With regard to when vulnerabilities are discovered and verified Please do not do the following in order to search for and verify vulnerabilities

I. Violating applicable laws and regulations
II. Accessing unnecessary, excessive or voluminous data
III. Altering data on our systems or services
IV. Using high-intensity invasive or destructive scanning tools to discover vulnerabilities
V. Attempting or reporting any form of denial of service, such as overwhelming our services with a high volume of requests
VI. Interfering with our services or systems

SHOPPING CART

title