Vulnerability Reporting

Vulnerability Reporting Channel 

If you believe you have discovered a security or privacy vulnerability in the products of Midea, you can fill out the template and send the security issue directly to iotsecurity@midea.com. Normally, you will receive an email confirmation from Midea PSIRT within 24 hours, and wewill inform you of the progress of the issue handling based on the situation.

For valid security vulnerability reports, with the consent of the reporter, we will express ourgratitude in the official Security Advisory.

Service Contact Information:

Country/District Contact Information
Bulgaria +359896605066
Czech +420538880274
France 04429707 26
Greece 2108830666
Greece 2105145030
Italy 029624665
Poland +48800088680
Portugal 234329528
Romania +031-425.25.67
Singapore +65 6655 7666
Spain 934803322
UK 0333900 1101

Confidentiality Mechanism 

Given the sensitivity of vulnerability information, to ensure confidentiality, we recommend that you use PGP (Pretty Good Privacy) to encrypt the information sent to  iotsecurity@midea.com.  Our PGP public key (key ID: 590DB9D2C3427AEA; PGP fingerprint: 25D2 32D7 AD2A C93C 8E67 8C20 590D B9D2 C342 7AEA) can be obtained by clicking here.

Throughout the entire vulnerability handling process, Midea strictly control the dissemination of vulnerability information, sharing it only with relevant personnel. At the same time, we also request that the reporter keep the vulnerability information confidential until our customers obtain a complete solution.

Response Scope

This vulnerability handling process applies to all hardware, software products or services provided by Midea, including cloud platforms, apps or mini-programs on mobile phones, and hardware, software, and firmware of home appliances.