The Product Security Incident Response Team (PSIRT) at CTEK is the central contact for customers, partners, and researchers of a potentially identified cybersecurity vulnerability in any CTEK product or supporting system.
Vulnerability Handling Process
- The reporter will receive a confirmation and updates throughout the handling process.
- CTEK evaluates the potential vulnerability to identify the risk and impact to the product.
- CTEK develops a mitigation strategy for corrections of the reported vulnerability.
- A vulnerability disclosure is communicated as agreed between CTEK and the reporter.
Reporting a Potential Security Vulnerability
If you have discovered a potential security vulnerability in an CTEK product, please contact us at psirt@ctek.com. CTEK strives to send confirmation of reported vulnerabilities within 72 hours. If you have not received a response within that time, please resend your message.
Preferred information to be include in the email:
- Contact name and organization
- Name of the product
- Version information of the product
- Detailed description of the vulnerability
- Information of known exploits
- Your public PGP key
General support requests can not be answered on this email (psirt@ctek.com), please visit our support page to create a support request there.
Please encrypt all email communication with PSIRT using the below public PGP/GPG key:
Key fingerprint: 8A49 D284 9EA7 F335 1660 866E DE9E 8831 6A49 AA75
Expires: 2025-02-11
Public PGP/GPG key
To PGP/GPG encrypt the message, please use: GnuPG (free)