search

eclipse-threadx / netxduo

Eclipse ThreadX - NetXDuo is an advanced, industrial-grade TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications
https://github.com/eclipse-threadx/rtos-docs/blob/main/rtos-docs/netx-duo/index.md
MIT License
242 stars 137 forks source link

Problem with security vulnerability report #225

Closed 0xdea closed 9 months ago

0xdea commented 9 months ago

I've recently reported a potential security vulnerability in Azure RTOS NetX Duo to MSRC (https://msrc.microsoft.com/report/vulnerability/VULN-115702), but I've got the following reply:

Thank you for contacting the Microsoft Security Response Center (MSRC). We appreciate your support in protecting Microsoft and our customers.

We have investigated your report, and it appears that the site in question is not a Microsoft owned repository.

I've written back because this is evidently a mistake (and this is especially weird because I have other open reports with Azure RTOS), but I haven't got a reply yet and my report is now marked as closed/complete.

Please advise if I should I open an issue with my report here instead. Thank you.

TiejunMS commented 9 months ago

@0xdea , thanks for submitting security vulnerability in Azure RTOS. Please continue the discussion with MSRC team in the link you provided.