Coordinated Disclosure

Have you identified a vulnerability in our products? Let us know!

COORDINATED DISCLOSURE POLICY

MiR encourages customers, security researchers and other interested parties to responsibly disclose found security vulnerabilities in collaboration with MiR.

For responsible disclosure please approach your MiR Technical Support representative. The issue will be forwarded to the Product Security team. If you do not have a Technical Support representative, you can submit a Technical Issue after creating a free account in the MiR Support Portal.

The Product Security team will review the submission and usually reply within 5 business days.

Please note that MiR does NOT offer any rewards for disclosed vulnerabilities. We DO provide full attribution to the parties who discovered the vulnerability, if so desired.

We are committed to the safety and security of our users worldwide. MiR reserves the right to NOT disclose a received vulnerability if we believe this would expose our users to excessive risk. In such cases we will work together with the reporting party to create a timeline when disclosure will be possible and beneficial to MiR's customers and the general public.

When performing security assessments, always adhere to locally applicable laws and regulations and consider the safety, security and privacy of affected persons at all times. Do NOT attempt to cause harm to anyone. Only perform security assessments on systems that you either own or have permission to assess. Do NOT perform security assessments on systems owned by MiR without prior express written consent from MiR.