Vulnerability Disclosure Program

As a security OEM, eScan is committed to upholding high-security standards. Hence, it is crucial that we are notified about any possible vulnerabilities within our solutions as early as possible to prevent potential damage. Therefore, eScan encourages the prompt reporting of any security vulnerabilities.

To report any vulnerabilities or security flaws, please contact us at Kindly provide us with detailed information about the solution version, binary name, operating system, any specific conditions, and/or details that will assist our security lab analysts in replicating or reproducing the reported flaw.

We deeply appreciate our customers, partners, security researchers, industry colleagues, and peers who take the time to report any flaws to our team. The names of individuals or organizations whose findings are confirmed will be published in our Hall of Fame list.

    What will happen next?

  • eScan will respond to the vulnerability reporter and establish communication to exchange further information, acknowledging that the report has been received. All vulnerability details are handled with high confidentiality and are shared only on a need-to-know basis, both internally and externally.
  • During the vulnerability coordination process, eScan will continue to collaborate with the reporter to obtain more detailed information and to keep them informed about the progress, as much as confidentiality and regulations allow.
  • Once the investigation process of the reported vulnerability has concluded, eScan will communicate appropriate details back to the reporter and any other relevant parties.
  • The decision of when and where the reported vulnerability is published is determined on a case-by-case basis.
  • eScan reserves the right to decide whether or not to recognize it, also on a case-by-case basis.

Live Chat