Report a Security Vulnerability

Last Updated: January 2026

Security vulnerabilities relating to Wyze products are actively managed through a well-defined process. The time to respond varies based on the scope and priority of the issue. The process consists of 4 key steps:

  1. Reporting: The process begins when the Wyze Cybersecurity team becomes aware of a potential security vulnerability in a Wyze product or service. The reporter receives an acknowledgement and updates throughout the handling process.

  2. Evaluation: The Wyze Cybersecurity team confirms the potential vulnerability, assesses the risk, determines the impact and assigns a processing priority. If the vulnerability is confirmed, the priority determines how the issue is handled throughout the remaining steps in the process.

  3. Solution: Working with the product team, the Wyze Cybersecurity team develops a solution that mitigates the reported security vulnerability. Solutions will take different forms based on the vulnerability. In cases where a vulnerability is being actively exploited, Wyze may deliver a temporary solution to contain the issue while working on the full solution

  4. Communication: The Wyze Cybersecurity team publishes a security advisory for severe issues. Less severe issues are communicated through other methods.

Wyze is committed to protecting the security of our products and our customers. We welcome reports of potential security vulnerabilities and take all submissions seriously.

If you believe you have identified a security issue affecting a Wyze product or service, please report it to us using the contact information below.

How to Report a Vulnerability

Please email your security report to:

📧 security@wyze.com

When submitting a report, we recommend including:

  • A clear description of the issue

  • The affected product or service

  • Steps to reproduce the issue, if known

  • Any relevant screenshots, logs, or proof-of-concept information

Providing complete and accurate information helps us investigate and resolve issues more efficiently.

What to Expect After You Submit a Report

Wyze follows a responsible vulnerability handling process. After you submit a security report, you can expect the following:

  • Acknowledgement
    We will acknowledge receipt of your report within 48 hours (business days).

  • Assessment and Investigation
    Our security team will review the report to validate the issue and assess its impact and severity.

  • Status Updates
    We will provide updates at least once every 7 days while the vulnerability is under investigation or being remediated.

  • Resolution Timeline
    For confirmed vulnerabilities, we aim to resolve or mitigate issues within approximately 3–4 weeks, depending on the nature, severity, and complexity of the issue.

  • Fix Deployment
    Where applicable, security fixes may be delivered through firmware updates, service updates, or other mitigations.

Please note that some issues may require additional time to resolve due to complexity, third-party dependencies, or coordinated remediation efforts. In such cases, we will continue to provide regular updates until the issue is resolved.

Responsible Disclosure

We ask that security issues be reported responsibly and not publicly disclosed until we have had a reasonable opportunity to investigate and address the issue. Wyze is committed to working in good faith with reporters to resolve security concerns.

No Impact on Warranty or Support

Reporting a security vulnerability will not affect your product warranty or access to customer support.