Last updated November 1, 2024
Coordinated Vulnerability Disclosure Policy

Roon Labs as a part of HARMAN is committed to protecting customer data and privacy by addressing vulnerability research promptly and effectively. We encourage security researchers to follow our coordinated disclosure policy when reporting security vulnerabilities. This policy applies to anyone who discovers or reports vulnerabilities in our products. It is based on and references practices outlined in the ISO/IEC 29147 standard for Vulnerability Disclosure.

Reporting Vulnerabilities

Reports should include as much detail as possible to help us evaluate your submission quickly. The following information is especially useful:

- A description of the issue and its potential impact

- The affected product(s) and software version(s)

- Step-by-step instructions for reproducing the issue

- An example or demonstration of the vulnerability

- Suggested actions for mitigation or resolution, if applicable

Security Software Updates