Security Breach Respose

Bittel Intelligent attaches great importance to security issues, and we welcome security researchers to provide us with feedback on potential security issues to improve the security of Bittel products and services.

Breach Respose and Disclosure Process

Breach Respose
We continuously monitor the receiving channels of vulnerabilities, promptly view and allocate accepted vulnerabilities.
Vulnerability Verification
Security engineers will conduct technical verification of the effectiveness of vulnerabilities, confirming their exploitability and potential impact.
Confirm Vulnerability Repair Plan
Security engineers will develop vulnerability repair plans or risk mitigation measures and verify their effectiveness.
Confirm the Affected Area
We will further investigate all products that may be affected and clarify the scope of products affected by vulnerabilities.
Disclosure of Vulnerabilities
We will review and publish security recommendations for the vulnerability after confirming the completion of all vulnerability response processes.

Vulnerability Submission Method

You can submit vulnerabilities via Bittel Intelligent Security email. Here are the Email Account:

Security@bittelgroup.com The email should at least contain the following items:
- Organizational information and contact details;
- Affected products and versions;
- Descriptions of the vulnerabilities;
- Exploitation methods of the vulnerabilities;
- Vulnerability disclosure plan;
- Other information (if any). Please click here and download the template file for Submit Vulnerability.

Please pay attention to the following points:

Although we encourage you to investigate and study potential security vulnerabilities, we cannot tolerate any activities that may interfere with the legitimate rights and interests of users, or may violate laws and regulations related to computer abuse, network security, and privacy protection. Therefore, you should not engage in the following activities:
- The act of modifying or destroying data;
- Activities that cause service interruption or degradation, such as denial of service attacks;
- The activity of disclosing personal data, data with intellectual property rights, and financial data.

Vulnerability Response

Upon receipt of the vulnerability you have submitted, we will send you a notification via email within 48 hours to commence the vulnerability response, along with confirmation and feedback on the nature of the vulnerability. The subsequent progress of the vulnerability will also be continuously updated in the email as soon as possible.

*Note: The actual vulnerability response time may vary depending on the risk level and complexity of the vulnerability.

Vulnerability Disclosure Statement

Bittel Intelligent discloses security vulnerabilities in its products through the following two methods:

- Security Advisory: When the vulnerability has been confirmed by us, we will disclose detailed vulnerability information and corresponding repair plans through a security advisory within 180 days after completing the vulnerability analysis and repair plan.
- Security Notice: When potential vulnerabilities in Bittel products are discovered or monitored externally, but we have not fully confirmed the vulnerability, we disclose basic information about the vulnerability and our investigation progress through a security notice.
*Note: The actual disclosure time of vulnerabilities may be adjusted based on the publisher's disclosure plan, the launch time of vulnerability repair plans, the potential negative impact of repair plans, and the vulnerability disclosure plans of other service providers.