Hello, I'm trying to contact Cypress regarding a vulnerability I've found in BLE PSoC 4 devices for about one week and I didn't receive any acknowledgement.
Cypress vulnerability reporting site claims that matters sent to psirt@cypress.com would be acknowledged right away, but no message was received by our end. I've correctly encrypted the email as required.
Is the above email the right one to report Bluetooth vulnerability matters?
As I understand, this acknowledgment from Cypress is required to file a "undisclosed" CVE request.
Thanks.
Solved! Go to Solution.
Hello,
Just a short note to let you know that Cypress PSIRT has received your report and is looking into your data. Our PSIRT outreach system is new and we don't yet have an automated response to acknowledge receipt of reports or concerns.
I will respond additionally to your email address provided in your report with additional information.
Thank you for your patience,
Jeff Lee
PSIRT Coordinator
Hello,
Just a short note to let you know that Cypress PSIRT has received your report and is looking into your data. Our PSIRT outreach system is new and we don't yet have an automated response to acknowledge receipt of reports or concerns.
I will respond additionally to your email address provided in your report with additional information.
Thank you for your patience,
Jeff Lee
PSIRT Coordinator
Thank you very much.