How to reach out
Should you find a security issue with a RHINO device, please reach out to security@rhinomobility.com for a prompt reply. The RHINO team appreciates and encourages responsible disclosure, and associated fixes released in updates will be credited accordingly.
What to submit
When reaching out, please provide:
- Name and (optionally) organisation
- RHINO model
- Android version & Software build number
- A detailed description
- A demonstrable proof of concept, if available
- Any additional feedback, as desired
Should the issue fall to a partner component, such as printer, scanner, or other integrated component, we welcome your report all the same.
Should you wish to provide videos, images, files, or other useful collateral, it is preferred to share these securely to avoid attachments being stripped in transit or intercepted. Please zip, encrypt, and password protect the contents you wish to share. We will at your request provide a OneDrive drop folder link to securely transfer data, or optionally you may use a preferred service for us to download from, securely.
CVE publication
RHINO Mobility is a registered CNA, as such all submitted & approved vulnerabilities will be published under releases for the affected device(s).
Response Time
For vulnerabilities reported via email, we will send you a vulnerability response confirmation within 48 hours, along with feedback related to the vulnerability via email. The progress of the vulnerability's solution development will also be continuously updated through email as soon as possible.
Note: Actual vulnerability response time may vary depending on the risk level and complexity of the vulnerability.