Reporting Suspected Vulnerabilities

If you encounter or find a suspected vulnerability in Westwell products, we would appreciate it if you could quickly inform us. Please report suspected vulnerabilities through specified channels in accordance with the security mechanisms.

Vulnerability Reporting Channels

You can submit any suspected vulnerabilities related to Westwell’s products via email wsrit@westwell-lab.com. We will investigate immediately all suspected vulnerabilities submitted by security researchers, organizations, clients, or vendors etc. Typically, you will receive an email confirmation from Westwell within 24 hours, and you will be updated on the status of the submitted case as appropriate.

Security Mechanism

Vulnerability information is sensitive. To ensure confidentiality, you are advised to encrypt the information sent to wsrit@westwell-lab.com using Pretty Good Privacy (PGP). You can click here to obtain Westwell's PGP public key (PGP fingerprint: F67BED9420299B20A429EFAE3E3044BDB580181B).

Throughout the vulnerability handling process, Westwell strictly ensures that vulnerability information is transferred only between relevant handlers. We sincerely request you to keep the information confidential until a complete solution is available to our customers.

Update:2022/6/20