Categories
Knowledge Support Technical Advisory Bulletins exacqVision EDGE Support exacqVision Enterprise Other exacqVision Client exacqVision Server exacqVision Mobile exacqVision Webservice exacqVision Hardware Products exacqVision Integrations

Support procedure for reporting newly discovered cyber security vulnerabilities in Exacq Software 

This document will outline the procedures expected from Exacq Support staff in the event of discovering a previously unreported security vulnerability in an exacqVision product.

Product 

Any exacqVision product

Procedure:

  1. Verify the vulnerability has not already been properly reported at: https://www.johnsoncontrols.com/cyber-solutions/security-advisories
  2. Email the GPS (Global Product Security) team at: productsecurity@jci.com
    • Provide vulnerability analysis in this email and any relevant links
    • Provide customer details and contact information in this email
    • Provide software product and software versions in this email
    • CC the customer on the email
  3. Inform the customer you have notified the appropriate team (GPS) and will be closing the Support ticket.

Our Global Product Security team will then be responsible for following up with this customer and resolving vulnerability.

<br>