Our commitments in terms of cybersecurity

Faced with increasingly strong market requirements for cybersecurity and observing growing and complex attacks on infrastructures within companies and industrial systems, Etic Telecom has placed at the heart of its strategy a process of continuous cybersecurity improvement.

This commitment leads Etic Telecom to include in its short-term roadmap the obtaining of different labels:

ISO 27001 certification: The protection of the assets constituting the information system and the methods of product development is the basic foundation for any company.

CSPN certificate (ANSSI) initially on routers (RAS & IPL families): this label guarantees a level of product security that meets market expectations.

Cybersecurity policy

Cybersecurity in the product mix

For years, the company has aimed to produce 4S products that must be:

Simple (intuitive HMI)
Solid (5 year warranty)
Sober (low consumption)
and Safe (Cybersecurity)

Technology watch

Etic telecom performs a constant watch in house or with the help of leading partners of the sector.

Publication of vulnerabilities

The company publishes and monitors vulnerabilities (see list below). In a process of continuous improvement, we invite you to report any faults to us at the following address:

cyber@etictelecom.com

Pentests

The company performs pentests on the occasion of each firmware release.

Do not hesitate to contact us for more information.

ETIC TELECOM SECURITY ADVISORIES

ID

Product

Description

Download link

V2405
RAS/IPL/SIG
Cross Site Request Forgery
V2404
RAS/IPL/SIG
Clear Text Credentials
V2403
RAS/IPL/SIG
Persistent Cross Site Scripting site_name
V2402
RAS/IPL/SIG
Reflected Cross Site Scripting get_view
V2401
RAS/IPL/SIG
Reflected Cross Site Scripting method
V2301
RAS/IPL/SIG
Insecure default initialization of web portal
V2203
RAS/IPL/SIG
Privilege Escalation
V2202
RAS/IPL/SIG
Malicious File Upload
V2201
RAS/IPL/SIG
Directory Traversal
V2002
RAS/IPL/SIG
Stored XSS vulnerability
V2001
RAS/IPL/SIG
Packages with known vulnerabilities

Product

RAS/IPL/SIG

Description

Insecure default initialization of web portal

Product

RAS/IPL/SIG

Description

Privilege Escalation

Product

RAS/IPL/SIG

Description

Malicious File Upload

Product

RAS/IPL/SIG

Description

Directory Traversal

Product

RAS/IPL/SIG

Description

Stored XSS vulnerability

Product

RAS/IPL/SIG

Description

Packages with known vulnerabilities