Comment by nashashmi
Look at what they are saying. They want to document all sorts of bugs in past products for future research purposes. And they want to draw attention to the product that it be replaced.
I agree putting such burdens on companies with little IT resources isn’t healthy for the company, its customers or anyone else. This is hostile.
If you put a product out in the field which can potentially be remotely exploited it’s on you to either patch it when someone does find an exploit or possibly open source everything so others can. If you genuinely can’t support it I guess you could put a self-destruct mechanism in which remotely bricks the device instead, just don’t expect your customers to be happy about it.