1. Purpose

SEETEL is committed to maintaining the security and reliability of its products and services.
We value feedback from external security researchers, partners, and users, and recognize the importance of responsible vulnerability disclosure.
This Vulnerability Disclosure Policy (VDP) defines the official process for reporting security vulnerabilities and outlines our response, remediation, and communication mechanisms.
 

2. Scope

This policy applies to all SEETEL products, systems, platforms, and services, including but not limited to:
• Hardware devices
• Firmware
• Software and cloud services
• Official websites and related systems
 

3. Vulnerability Reporting Channels

If you discover a potential security vulnerability affecting SEETEL products or services, please report it through the following official channel:
• Email:service@seetel-energy.com
To help us efficiently assess and address the issue, we recommend including the following information when possible:
• A detailed description of the vulnerability
• Potential impact and affected components
• Steps to reproduce the issue
• Supporting materials (logs, screenshots, proof-of-concept, etc.)
• Your contact information (optional, but helpful for follow-up)
 

4. Handling Process and Timeline

SEETEL follows a structured and responsible process for handling reported vulnerabilities:
1. Acknowledgement
 • We will acknowledge receipt of the vulnerability report within 48 hours.
2. Initial Assessment
 • An initial technical and risk assessment will be completed within 7 business days.
3. Remediation
 • If the issue is confirmed as a significant or critical vulnerability, an internal remediation process will be initiated promptly.
4. Notification
 • Once remediation is completed, the reporting party will be notified, provided contact information was supplied.
 

5. Remediation Updates and Disclosure

To ensure transparency and keep users informed, SEETEL may communicate remediation progress and outcomes through one or more of the following methods, depending on the nature of the vulnerability:
• Publication of a Security Advisory
• Release notes for firmware or software updates
• Announcements on the official website or product support pages
The timing and method of disclosure will be determined based on risk assessment and operational considerations.
 

6. Responsible Disclosure Principles

SEETEL supports responsible vulnerability disclosure and requests that reporters:
• Avoid public disclosure of vulnerability details before a fix is available
• Refrain from activities that could disrupt services, compromise data, or impact users
• Conduct security research in compliance with applicable laws and ethical standards
We commit to acting in good faith toward security researchers who follow this policy and report vulnerabilities responsibly.
 

7. Policy Availability

This Vulnerability Disclosure Policy is publicly available on the SEETEL official website and relevant product support pages, ensuring easy access for researchers and the general public.
 

 
 
For any questions regarding this policy, please contact us via the vulnerability reporting channel listed above.
 
JC-STARVPDPolicyInformation SecurityNotification Policy