- True Wireless Earbuds All True Wireless Earbuds
- Over-Ear & On-Ear Headphones All Over-Ear & On-Ear Headphones
- Wireless Headphones All Wireless Headphones
- Wired Headphones All Wired Headphones
W820NB
W240TN
MS50A
W820NB
NeoBuds Pro
S3
S1000W
Security researchers can notify EDIFIER of security vulnerabilities in devices.
Contact of Edifier’s security department
Edifier has signed a partnership with Security Corporation, who will provide a security test report for Edifier’s devices.
Monitor the public information of the following websites through regular and continuous monitoring
Monitor version updates for third-party components and update to the latest version to avoid the existence of known vulnerabilities.
Fixes for severity vulnerabilities will be bundled in existing updates.
1. Vulnerabilities identified by customers, users, etc.
2. A security related review meeting must be held immediately and the corresponding solution needs to be presented. In particular, participants must include security technology manager, project development manager, firmware architecture manager, and Technical Director.CVSSv2 will be used as a reference standard for assessing and prioritizing vulnerability.
3. According to the solution, the developer performs the specific implementation.
4. Code review. Reviewers should include security technology manager and project development.
5. Release firmware.
6. QA team test the firmware. If there are any problems, go back to step three.
7. Code merged into trunk branch.
8. The project manager notify customers that they need to update the software and get customer’s upgrade confirmation.
9. Publish OTA for Edifier products updating.
If security incident arises, the incident must be treated as the highest priority urgent. CEO and CTO must be aware of this incident and participate in incident handling. If the incident is a software maintenance issue,then it will be handled according to the process of the “Software maintenance update strategy” in this document. A tripartite meeting should be held immediately. The participants are Edifier,OEMS. The meeting needs to collecting information , clarify the situation of the accident,and estimated timelines for remediation of a incident. If there is a special major impact incident, Edifier will discuss the timelines for remediation with customer.