The Haverford Product Security Incident Response Team (PSIRT) is responsible for receiving, investigating, and coordinating the disclosure of security vulnerabilities in Haverford products and services, including the brands PTZOptics and HuddleCamHD. We work with security researchers, customers, and partners to ensure vulnerabilities are addressed in a timely and responsible manner.
Reporting a Vulnerability
If you have discovered a potential security vulnerability in a Haverford product or service, we encourage you to report it to us promptly. We are committed to working with you to understand, validate, and remediate the issue.
To submit a vulnerability report, use our secure reporting form or send an email to cve-coordination@havsys.com. We request that you practice responsible disclosure and allow us a reasonable timeframe to investigate and address the vulnerability before any public disclosure.
Secure Communication
For sensitive vulnerability reports, we strongly encourage the use of encrypted email. Our PSIRT PGP/GPG public key is available below.
- cve-coordination@havsys.com
- Fingerprint
138C 9087 93F5 3B25 EA17 B735 EDEF 918E FB09 08F1- Public key
-----BEGIN PGP PUBLIC KEY BLOCK----- mQINBGogctgBEAC9m27pYgZNHU9ZEDHy7f/g6OB/mnvxPD5Ck6C/67E92NcNvRgE HiRMeQFRovrqWMxyGcl5MwarVLvpxjoQqqk1Yxw+AhUzq0RmF92sJv7BXM+8gLu0 ozJzU7LSn2dzI6cyYJZthFsEXoiHp8C2N93U3hLm2utqcxGWTDwWSa3cWCdxFdvf KcujpFqVlwjj/1HiP0Pi8DXGDYxSORvA0SNXGRh/eWBz5+liFeNZ8My1zowp22jL VJU0C4to3HFCCVspqC4VkLdbuI0qh8lWdFiO38EjIsKRU1AT4HnInGAkcbbaCJfq /GB0taa/8YaLc6seGNUv6yXR1+J1aMRuOn3BYs5eH59tAjV3WVka1svS8vM7gq0r 8Y7RVOnbDjeC1a+pOASvonFzAn/uotgZ3TY52TE+/WRk2zRCe+0rhk3H+NvJh3Oq PVPNIoyF1/HpouvxF9/lvAFMvuYnu9PlefKqbwHhkDyCVYuuSqOJT+ENg2qFlpjn xAIwt/ZNaaMI2qo5bIkzH2sAVhNt7Jm3bO5dg6JJyYDQgKhm332764cIfqtWsDJB HIM6PLZ0FICTlx02thBTHc7IvXwEd5Kh2bnzYj7uY2bMBuLkACb6lM2itdY8NB3q TrGrnk7HgI5xH2Ifx4+8z2/hRZgWz7ZX6lULD9dnGMBWM/TKyP2X2uMG0QARAQAB tF1IYXZlcmZvcmQgUFNJUlQgKENWRSBDb29yZGluYXRpb24gZW1haWwgZm9yIEhh dmVyZm9yZCBQU0lSVCkgPGN2ZS1jb29yZGluYXRpb25AaGF2ZXJmb3JkLmNvbT6J AlQEEwEKAD4WIQQTjJCHk/U7JeoXtzXt75GO+wkI8QUCaiBy2AIbAwUJA8JnAAUL CQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRDt75GO+wkI8eQPD/906VaK6VIKUyfZ y0lq6KIL6h3r1OMa+ozfCnDFm7Qwar73pI7FUiOz0LL4hZzKYlWTHFvfGHzkwQGJ yFzZlc7TQhN0zG840ZPrMi2mC5X6tgnYBAkQEmdYQyCBMjQNXwDk8EavZEDGFOxA vuKhOQOeWPLESoIKKB9dbnA9AudlL/XmLdl+BGhQyKk2sL2+HIqiFF8Top9Bk3oY 5yPmZ2TdryivsMmQMOIl7K9TA2/RNFCOqqb9aQfqGevYvckcw+xBcucxMw90rmGo o8mRP3B2QACMRhV79g+VUk49X9dQ+Q8VXIz2CJ0X3S9SJesyz/oEqla2zZi04trL kze6iF+CEe7DzBe+e0gyqUme0qtSRK/uwwMuEqBzbT47LxzIB60RMbqIFmoYGD/E mWXIyM8Cu7ennLXC117lKQa7VUud1Kd7+F2FSBGR/Gjlk2uK0pHsWIil6Q3haGj3 XmhPEax7JITlzMVBtA+Pgzed5O/jsjG56jUE2Bsl4I7qu0OiwqHNpRbpWMt6LHEE lFrSV0Gf2GIaK42eSL+Jw+MH8LXOxOCJKGFrA3OYaSIEjMfC0I3r6u1nVEayDKIx d+b1VoEGAUK0iJ8GNDMP5JP6CA2WCIO8GfmncnNoY988KyhHgO3SX+Q7BkUrjgfR Tir/hWa5/jKpPbUvTz27DIg54VOLa7kCDQRqIHOEARAAwChpRGjTkwm9Nbj0J25E TGQZ462wl9Q8uBZVoJ2erum7miEbMi5/Som/A+J/2W6FQ++ugwxUftbvg6Utirpn rrNhEQfmP3AtRfGgEWME1oOxXIHt9wyGTANG9YnUsL1hRcHKTd2Ez8rYkD4Zj0kW EG/9yDfg0jNkjcolrBozeyMCGBA8OEaNaNtq4rCOrm3g9W+Qytl8sjmBk2qxGUvX UZWkpXCZvxbwV6gZ9aoax930I6sQIPdB92z7+DCT+lRjvzmIMydqCoI6n8GpaN93 GXU+a3njtMttI4SZci2F9Jf4XJMXhEHCjoQ3+1KrbJBTGFYMDBr0Hf5LIGg0ZhQ1 ChCwwmnl4y62KEJZtGDeVY3klgOh7fdZS+yxSb63rHzQIJm8XUUUvP1tbmzsafPa K3PHRxB5fvVXTf4AAEb14XLwvfburuXWtoCyBovTieODhEJCAldmndo65lGJEPAH tFGfnBvVfgdt1vq7j1/ogZi8WnD3qqPBd93UScTYJaBWR/m8oX1QMmkO4hsjTNQQ yWYPv53V5DfulszZqNVPgP8i6LZpTMLhSmbCPU5TSFdU74CuP/w+sBEyjfQp/KyG U8hAQjxqZyZQvfLATf24mycw5bWbt/oLP164MN07OY+sw4BousGfgpjvJj8h1oNr U198LH3376qAVT01MCldWNMAEQEAAYkCPAQYAQoAJhYhBBOMkIeT9Tsl6he3Ne3v kY77CQjxBQJqIHOEAhsMBQkDwmcAAAoJEO3vkY77CQjxoRoP+wZGD8bHuaI1NxdE JqFFYbvkrkpBTShrExfhZCLLPzJ1Tt+eDSxAUGcn6iiCuNdk4re8DLOqcvmzbXro sfoquyHXIDyOuPs3muWMzYQ8NEyGlqXFhU5lFznqAgLA8kVXbznypC9icUL1uWwc GMXnF+j4gt9ZsNtuVuPpy8BVJVZ+KJPdg5Cf6/nHZ8C3I6OpBKhzOo2IVlmcxhel HUapOKFAA9JvLKboQouzC5kBBHcWayUqziisF2dfVzR2kBZtUDGXF4LFtqWCyMvY Tgq7P7ns96HXg6bolwP3QlEFdgvK7JS4XOsrlLbi7HP6pXC7piHWOFOCuChs3AOP SnU3fhmc//Et5QgDSPOJ7qYAiyu6OLAWxRnWWWVi6vNd/4Gd7Is1gHx0NvxpOtQE LQvbG5GONzLLx7FNUeqVrWKF1t4iruGjzQo/yh8jqO6V0lpJujpepbyFjnpFjgp/ pz0A9lZr/Xfr9iI0I8NejQz8Upfck3nmRqjONLGBeH3qJeg92kMSeEAoSwDUcbta YCJyQfqqKwZBNXO6QFWibZWUiIK+omnnMN10eRKhtCBPgMFlqfUuuDASXgMYSe0Q 39SgFwATf/N1bpkOr/z1LkY5JkkVNYRVzIuX+MOpEoGB1isM1PhTup6ylpS8eFu8 uPASj1oI9DwMIEdI7xl0daDO04O3 =vpXn -----END PGP PUBLIC KEY BLOCK-----
Download haverford-psirt-public-key.asc
Note: Encrypted submissions help protect the confidentiality of vulnerability details prior to remediation. Please use our public key when transmitting sensitive technical information.
Disclosure Policy
What to Include in a Report
To help us triage and investigate your report efficiently, please provide as much of the following information as possible:
- Affected product and version — the name and version of the Haverford product or service where the vulnerability was found.
- Vulnerability type — e.g., SQL injection, buffer overflow, authentication bypass, use-after-free.
- Description — a clear explanation of the vulnerability, including the component or endpoint affected.
- Steps to reproduce — a minimal, reliable reproduction procedure that allows our engineers to verify the issue.
- Proof of concept — code, scripts, screenshots, or logs that demonstrate the vulnerability (optional but encouraged).
- Impact assessment — your assessment of the potential impact, including affected data, systems, or users.
- Suggested fix — if you have a recommendation for remediation, we welcome it.
- Your contact information — so we can follow up with questions and coordinate disclosure credit.
You may submit reports anonymously; however, anonymous reports limit our ability to follow up or provide attribution.