Reporting a Potential Security Vulnerability is welcomed from independent researchers, industry organizations, vendors and customers concerned with product security. We encourage coordinated disclosure of security vulnerabilities.
Email us at: ProductSecurity@Resideo.com
, with the following instructions/details, making sure to include as many details as possible such as the following:
Product and version
Description of the potential vulnerability
Any special configuration required to reproduce the issue
Step by step instructions to reproduce the issue
Proof of concept or exploit code, if available
Website URL or location
Type of vulnerability (XSS, Injection, etc.)
We encourage encrypting the information using Resideo’s public PGP key
. By submitting a report to Resideo, you agree to keep the subject matter of the report, as well as all subsequent related conversations with Resideo, strictly confidential.