Westermo encourages responsible reporting by individuals and organisations who experienced product security issue or discovered potential security vulnerabilities in products. Reporting parties are advised to provide sufficient details to allow Westermo to reproduce and validate the issue. Where possible, please include the following:
To report a vulnerability, please contact us via e-mail:
Westermo encourages the encryption of sensitive information that is sent in email messages. The following open source tools can be used to encrypt sensitive information to Westermo using the Westermo PSIRT PGP Key:
Windows, Gpg4win: https://www.gpg4win.org/documentation.html
Mac OSX, GPGTools: https://gpgtools.org
Key ID: E9E3B9F6
Fingerprint: D219740A08C9511A1D2FDA488B33387BE9E3B9F6
Westermo will acknowledge receipt of vulnerability reports usually within one business day. The acknowledgement will include a unique tracking number. Each vulnerability report will be handled following Westermo's standard process that includes initial triage, coordination and disclosure phases.
The complete Coordinated Vulnerability Disclosure Policy can be downloaded here >
Carl de Bruin
International Sales
For support inquiries, click here to contact Technical Support