Security update cycle

Information On How to Report Security lssues

Protecting our customers from threats to their security is always an important task for EVERCROSS. As a key player in globaNetworking and Smart Home markets, we wil do our utmost to provide our users with secure stable products andservices, and to strictly protect the privacy and security of their data.We welcome and encourage all reports related to product security or user privacy. We will follow establishedprocesses to address them and provide timely feedback.

 

Report Vulnerabilities to EVERCROSS

We strongly encourage organizations and individuals to contact EVERCROSS security team to report any potential securityissue.
To report a security or privacy vulnerability, please send an email to support@evercross.eu with the product model andsoftware version, describe the detailed security issue to us. EVERCROSS will endeavor to respond to the report within 5 business days.
EVERCROSS will need to obtain detailed information about the reported vuinerability fo more accurately and quickly baginthe verification process.

 

Responsible Reporting Guidelines

1. All parties to a vulnerability disclosure should comply with the laws oftheir country or region.
2. Vulnerability reports should be based on the latest released firmware, and preferably written in English.
3. Report vulnerabilities through the dedicated communication channel. EVERCROSS may receive reports from otherchannels but does not guarantee that the report will be acknowledged.
4. Adhere to data protection principles at all times and do not violate the privacy and data security of EVERCROSS usersemployees, agents, services or systems during the vulnerability discovery process.
5. Maintain communication and cooperation during the disclosure process and avoid discosing information aboutthe vulnerability prior to the negotiated disclosure date.
6. EVERCROSS is not currently operating a vulnerability bounty program.

How EVERCROSS Deals with Vulnerabilities

Awareness & Receipt→Verification→Remediation→Notification

EVERCROSS encourages customers, vendors, independent researchers, security organizations, etc. to proactively report anypotential vulnerabilities to the security team. At the same time, EVERCROSS will proactively obtain information aboutvulnerabilities in EVERCROSS products from the community, vulnerability repositories and various security websites. In orderto be aware ofvulnerabilities as soon as they are discovered.

EVERCROSS will respond to vulnerability reports as soon as possible, usually within 5 business days business days. EVERCROSS Security will work with the product team to perform a preliminary analysis and validation of the report todetermine the validity, severity, and impact of the vulnerability. We may contact you if we need more informationabout the reported vulnerability

Once the vulnerability has been identified, we will develop and implement a remediation plan to provide a solution for all affected customers

Remediation typically takes up to 90 days and in some cases may take longer.

You can keep up to date with our progress and the completion of any remediation activities.

EVERCROSS will issue a security advisory when one or more of the following conditions are met:

1. The severity of the vulnerability is rated CRlTlCAL by the EVERCROSS security team and EVERCROSS has completed thevulnerability response process and sufficient mitigation solutions are available to assist customers in eliminating alsecurity risks.
2. lf the yuinerability has been actively exploited and is likely to increase the security risk to EVERCROSS customers, or if thevulnerability is likely to increase public concern about the security of EVERCROSS products, EVERCROSS wil expedite the release ofa security bulletin about the yulnerability, which may or may not include a full firmware patch or emergency fix.

Information on Minimum Security Update Periods

The Support Period for EVERCROSS components is actively maintained considering security updates from Jan. 2024 to Jan. 2027.

*This list is constantly being updated and subject to change without notice.

Models	Versions	Description
EVERCROSS EV85F	V1.0	Unserer E-Scooter, der mit einem leistungsstarken 400W bürstenloser Motor und 36V 7,8AH HochwertigerBatterie ausgestattet ist, hat im Idealfall eine max Reichweite von 30 km und bis zu 20 km/h erreichen.
EVERCROSS EV06C/R11	V1.0	The stem of the EV06C/R11 electric scooter for kids can be adjusted between 0 - 8 inches at will, and the handlebars height is 29 - 37 inches.In addition, the maximum load is 132 LBS, which means that this e-scooter is tailor-made for children aged 6-12.