Eversolo Security Center
Security Breach Response
Eversolo attaches great importance to security issues, and we welcome security researchers to provide us with feedback on potential security issues to improve the security of our products and services.
Vulnerability Response and Disclosure Process
- Recipient
Monitor and and assign received vulnerabilities in a timely manner.
- Verification
Conduct technical verification of the effectiveness of vulnerabilities, confirming their exploitability and potential impact.
- Solution Development
Provide effective fix solutions or risk remediations measures.
- Affected Scope Confirmation
Investigate and confirm the complete scope of affected products.
- Disclosure of Vulnerabilities
Review and publish security recommendations for the vulnerability after confirming the completion of all vulnerability response processes.
Vulnerability Submission
Please report any security vulnerability via email to: service@eversolo.com
The email should at least contain the following items:
- Organizational information and contact details;
- Affected products models, serial numbers/MAC, purchase date, where you purchased and firmware versions;
- Descriptions of the vulnerabilities;
- Exploitation methods of the vulnerabilities;
- Vulnerability disclosure plan;
- Other information (if any).
Attention
Although we encourage investigation of potential security breaches, we cannot tolerate any activity that may interfere with legitimate users or may violate applicable computer abuse, cyber security and data protection regulations. Therefore, the following activities are prohibited:
- Modification or destruction of data
- Service disruption or degradation, such as DoS
- Disclosure of personal, proprietary or financial information
Response Time
Upon receipt of the vulnerability you have submitted, we will send you a notification via email within 48 hours to commence the vulnerability response, along with confirmation and feedback on the nature of the vulnerability. The subsequent progress of the vulnerability will also be continuously updated in the email as soon as possible.
*Note: The actual vulnerability response time may vary depending on the risk level and complexity of the vulnerability.
Vulnerability Disclosure Instructions
When an external party discovers or is concerned about a potential vulnerability, but we have not yet fully confirmed it, we will disclose basic information about the vulnerability and our investigation via email.
The vulnerability information shall be kept confidential until Eversolo releases the formal security advisory to the public.
When the vulnerability has been confirmed to be fixed, new firmware will be released, and a firmware update change log will be published, containing a description of the vulnerabilities that have been solved. *Eversolo Download Center
Product Support Policy
We strive to provide continuous security updates for our products. The security updates generally include the latest patches, vulnerability fixes, and other security improvements. We will generally maintain security updates for at least two years from the launch date of a product. However, the security update situation may vary by product, so please pay attention to our announcements. We will regularly publish and update information about the security of Eversolo products on this page to help you check your device’s security updates.
|
Product Type |
Model Name |
Release Date |
|
Streamer |
DMP-A6 | 05/2023 |
| Streamer | DMP-A6 Master Edition | 05/2023 |
| Streamer | DMP-A8 | 11/2023 |
| Power Amplifier | AMP-F2 | 12/2023 |
| D/A Converter | DAC-Z6 | 10/2022 |
| D/A Converter | DAC-Z6 | 10/2022 |
| Portable Audio | H1 | 11/2022 |
| Portable Audio | H2 | 11/2022 |
|
Note: Security update policies and products are subject to change and will be reviewed on a regular basis. |
|
|
