Hi, I need to report a vulnerability that I've found in Dialog's SDK, but it seems dialog doesn't have a PSIRT contact to receive vulnerability reports.
有推荐联系电子邮件从对话框t吗o report vulnerability details? Would sending technical details tosmartbond@diasemi.combe the correct email?
Thanks.
Device:
Hello,
Can you please post online which are your queries or issues regarding the vulnerability? You can post technical questions on our forum. In the meanwhile, please take a look at the following announcement:
https://support.dialog-semiconductor.com/forums/post/announcements-and-updates/bluetooth-sig-security-vulnerability
Also, can you please indicate the chip that you are using?
Thanks, PM_Dialog
Hello, the DoS vulnerability in question was found in Dialog BLE Link Layer implementation. I'm using the latest SDK for DA14680-01 (DA14681-01A9DEVKT-B evaluation kit).
Let me know if it's still ok to post the full details here and PoC tool. As I'm aware, commercial products uses this SoC and that would mean public disclosure for attackers in radio range.
Thanks.
Himgarbelix@gmail.com,
You can send in this email address:bluetooth.support@diasemi.com
Thanks, PM_Dialog
Thanks, the report has been sent to the correct email as requested.