Vulnerability Report
 
 

Report a vulnerability

Latest update: March 27, 2023 ID: 12429
 
 
 
 

Kaspersky policy on vulnerability reporting and disclosure

Kaspersky appreciates the important work of security researchers who identify and report potential vulnerabilities in Kaspersky products.

Security is critical to everything we do. We recognize the value that security researchers can provide in helping us maintain the high standard of security and privacy for our customers. This includes coordinating vulnerability research, mitigation, and disclosure. This policy outlines Kaspersky’s definition of good faith in the context of finding and reporting vulnerabilities, as well as what researchers can expect from us in return.

If you have discovered a security flaw in Kaspersky’s products, please report it to us so we can take the necessary measures to rectify the vulnerability as quickly as possible. Please report a vulnerability to us by emailing at Vulnerability@kaspersky.com or through our Bug Bounty program. To encrypt your message, please use this PGP key. Our BugBounty program is described here.

When you report, please have in mind these good practices:

  • Your contact details. Kaspersky specialists require information about how to address you and contact you for clarification of the data about the vulnerability you have discovered. 
  • The name of the product in which you discovered the vulnerability, along with its version number and your device’s operating system.
  • Describe in detail the vulnerability you have discovered so that we can determine the nature and scale of the issue.
  • Please tell us whether you are planning to give information about the vulnerability to a third party.

Kaspersky will analyze the information you provide, provide a timely initial response to your submission, work to remediate vulnerabilities in a timely manner, and inform you of the results.

We kindly request that you do not publish any information about the vulnerability until it has been fixed by our team.

 
 
 
 

Kaspersky Bug Bounty Program

 
 
 
 
 
Did you find what you were searching for?
Thank you for your feedback!