Product Security


Product Security Vulnerabilities

URC takes security concerns seriously and works quickly to evaluate and address them. Once reported, we commit the appropriate resources to analyze, validate and provide corrective actions to address the issue.

Our goal is to minimize customers’ risk associated with security vulnerabilities by providing timely information, guidance and remediation of vulnerabilities in our products, including software and applications, hardware and devices, services and solutions.
 

Report Security Vulnerabilities

A security vulnerability is a set of conditions in the design, implementation, operation or management of a product or service. Vulnerabilities render the product or service unable to prevent an attack by an internal or external party, resulting in exploitations such as controlling or disrupting operation, compromising (such as deleting, altering or extracting) data, or assuming ungranted trust or identity.

URC encourages coordinated disclosure of security vulnerabilities. Security researchers, industry groups, government organizations and vendors can report potential security vulnerabilities to URC as soon as they are discovered.

Customers and other entitled users of a product or solution should contact URC Technical Support by emailing techsupport@universalremote.com to report issues discovered in URC product and service offerings. If the URC Technical Support Team determines that a reported issue is a security vulnerability, it will contact and escalate the issue to URC’s product developments teams for coordinated collaboration to address the issue.

Third party researchers and other security entities, if you find a potential security vulnerability in URC assets, products and services, please email URC Technical Support at techsupport@universalremote.com