At FICOSA Group, we consider the security and integrity of our products a top priority.

We value and encourage responsible reporting of vulnerabilities to help us maintain a safe environment for our users and stakeholders. If you discover a security issue in our products, your cooperation in responsibly disclosing it is greatly appreciated.

Before to proceed, please read the information below concerning FICOSA’s Responsible Disclosures, and indicate your consent by clicking the “I agree; go t the next page” button. This will take you to Product Vulnerability Information Form.

Note: You cannot proceed to Product Vulnerability Information Form if you do not indicate your consent and acknowledgment to the contents below. Thank you for your understanding.

How to report

If you identify a vulnerability, please follow these steps:

  • Contact Us via Product Vulnerability Information Form: Send your findings about any vulnerability in our products.
  • Details: Provide sufficient information to reproduce the issue. This typically includes:
    • Affected Ficosa’s products.
    • Description of the vulnerability.
    • Steps or tools used to identify the issue.

 Guidelines for Reporting

To ensure responsable handling of the vulnerability, we kindly ask to you to:

  • Avoid misuse: Do not exploit the vulnerability by modifying or affecting the product within the vehicle environment.
  • Respect confidentiality: Do not share or reveal details of the vulnerability with others.

 What to Expect from Us

  • Prompt Response: We will acknowledge your report promptly.
  • Confidentiality: Your personal details will not be shared without your consent unless required by law.
  • Purposes of use of personal information: Personal information entered and obtained will be used solely to monitor and solve the vulnerabilities and record them.
  • Action Plan: We will address the issue as quickly as possible and keep you updated on its resolution.

  Important note:

While we deeply appreciate your efforts, please note that we do not offer financial rewards (bug bounties) for vulnerability reports.

Thank you for helping us protect our systems and users. Your cooperation and responsible actions make a difference.

By proceeding, you confirm that you have read and understood these guidelines. If you agree, you may submit your report on the following page.

I AGREE; GO TO THE NEXT PAGE
I DO NOT AGREE

Compartir en FacebookTweet en TwitterCompartir en LinkedInEnviar esta página por correo