What are the policies related to security issues of the Xiaomi routers?
Xiaomi attaches great importance to security issues and welcomes all security researchers to report potential security vulnerabilities to us to improve the security of our products and services.
You can report vulnerabilities through Xiaomi Security Center, Hackerone vulnerability platform, or via email.
The following are the detailed reporting methods:
Mailbox: security@xiaomi.com
Website: https://sec.xiaomi.com
Vulnerability Disclosure Instructions
Xiaomi discloses security vulnerabilities in its products in two ways:
Security Advisory (SA):
When the vulnerability has been confirmed, we will disclose detailed information about the vulnerability and the corresponding fix as below:
1. Critical vulnerabilities to be fixed within 14 days;
2. High vulnerabilities to be fixed within 28 days;
3. Medium vulnerabilities to be fixed within 42 days;
4. Low vulnerabilities to be fixed within 175 days.
Security Notice (SN):
When a potential vulnerability is discovered or noted externally, but we have not confirmed the vulnerability yet, we disclose the basic information of the vulnerability and our investigation progress through an SN.
For more information, please check online: https://trust.mi.com/misrc/response
You can report vulnerabilities through Xiaomi Security Center, Hackerone vulnerability platform, or via email.
The following are the detailed reporting methods:
Mailbox: security@xiaomi.com
Website: https://sec.xiaomi.com
Vulnerability Disclosure Instructions
Xiaomi discloses security vulnerabilities in its products in two ways:
Security Advisory (SA):
When the vulnerability has been confirmed, we will disclose detailed information about the vulnerability and the corresponding fix as below:
1. Critical vulnerabilities to be fixed within 14 days;
2. High vulnerabilities to be fixed within 28 days;
3. Medium vulnerabilities to be fixed within 42 days;
4. Low vulnerabilities to be fixed within 175 days.
Security Notice (SN):
When a potential vulnerability is discovered or noted externally, but we have not confirmed the vulnerability yet, we disclose the basic information of the vulnerability and our investigation progress through an SN.
For more information, please check online: https://trust.mi.com/misrc/response
Does it help?
Yes
No