LG Product Security Response Process

When a security issue on an LG product or service is reported, the Product Security Response Team (PSRT) immediately starts working with LG development teams to resolve the issue.

The product Security Response staff will first determine which entity needs to be engaged. LG PSRT will work with partners, researchers, customers and other individuals as necessary, to help resolve the vulnerability issues and improve the process.

The following is an overview of the product security issue lifecycle, including the disclosure and resolution processes:

Discovery
LG PSRT is notified of a suspected vulnerability in LG products or services. We request our reporters to maintain strict confidentiality until complete resolutions are available and have been published by LG PSRT, in line with responsible disclosure practices. The reporter will be informed of all steps in the process.
Investigation/Analysis
LG PSRT reports the suspected vulnerability to the relevant product teams for verification. The product teams will attempt to reproduce the reported issue for an in-depth analysis of the situation. The PSRT team may collaborate with the reporter to gather as much detail necessary to ensure appropriate remediation.
Mitigation
LG PSRT and the relevant product teams together develop a schedule for the release date of the fixes based on the severity level of the vulnerability. The product team also develops the fixes.
Notification
The security update is released on LG Security Bulletins. A notification email will be sent out to those impacted by the vulnerability reported.

※ Please note: If your product or software is older or unsupported, you may not be provided with updates related to future security issues. We strongly recommend you to keep current with software updates.