Responsible Disclosure
We provide a clear process for customers and researchers to report potential security vulnerabilities in AceiiLab connected products.


Security is a core part of every AceiiLab product. We are committed to protecting users through secure design, timely security updates, and responsible vulnerability handling.
We provide a clear process for customers and researchers to report potential security vulnerabilities in AceiiLab connected products.
AceiiLab provides security updates through firmware and software updates to help protect supported products over time.
We publish the defined support period for applicable products and will not shorten the period after publication.
When a potential vulnerability is reported, AceiiLab follows a structured process to review, investigate, and resolve the issue responsibly.
Customers or researchers report a potential security vulnerability found in an AceiiLab connected product.
If contact information is provided, AceiiLab will acknowledge receipt within 7 business days.
Our team reviews the report, validates the issue, and assesses the potential impact on affected products.
Where necessary, we prepare a firmware, software, or security update to address the confirmed issue.
The reporter will be informed when the reported issue can be considered resolved, where appropriate.
AceiiLab provides security updates for supported connected products through firmware, software, app, and cloud-service updates during the defined support period.
The products listed below are covered by the published security update support period.
The defined support period will not be shortened after publication.
If the support period is extended, the updated support period will be published on this page as soon as practicable.
You can report potential security vulnerabilities in AceiiLab connected products directly to our security team.
Reports may be submitted anonymously. No personal information is required to report a vulnerability.
Report by EmailYes. Reports may be submitted anonymously, and no personal information is required.
When possible, please include the product model, a description of the issue, the potential impact, and steps to reproduce the vulnerability.
This policy applies to AceiiLab internet-connected products listed on this page, including AceiiLab A1.
DoS or DDoS testing, physical attacks, social engineering, phishing, data destruction, service disruption, or tests that may impair access to systems or data are not permitted.
If contact information is provided, AceiiLab will acknowledge receipt of the report within 7 business days.
No. This contact is for security vulnerability reports only. For order, warranty, shipping, or product usage questions, please contact general customer support.
Country/region
Language