Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

PSoC™ 4

MaEd_4392426
Level 1
First like given
Level 1

Hello, I'm trying to contact Cypress regarding a vulnerability I've found in BLE PSoC 4 devices for about one week and I didn't receive any acknowledgement.

Cypress vulnerability reporting site claims that matters sent to psirt@cypress.com​ would be acknowledged right away, but no message was received by our end. I've correctly encrypted the email as required.

Is the above email the right one to report Bluetooth vulnerability matters?

As I understand, this acknowledgment from Cypress is required to file a "undisclosed" CVE request.

Thanks.

0 Likes
1 Solution
JeffreyL_71
Employee
First solution authored First reply posted First like received
Employee

Hello,

Just a short note to let you know that Cypress PSIRT has received your report and is looking into your data.  Our PSIRT outreach system is new and we don't yet have an automated response to acknowledge receipt of reports or concerns.

I will respond additionally to your email address provided in your report with additional information.

Thank you for your patience,

Jeff Lee

PSIRT Coordinator

View solution in original post

2 Replies
JeffreyL_71
Employee
First solution authored First reply posted First like received
Employee

Hello,

Just a short note to let you know that Cypress PSIRT has received your report and is looking into your data.  Our PSIRT outreach system is new and we don't yet have an automated response to acknowledge receipt of reports or concerns.

I will respond additionally to your email address provided in your report with additional information.

Thank you for your patience,

Jeff Lee

PSIRT Coordinator

MaEd_4392426
Level 1
First like given
Level 1

Thank you very much.

0 Likes