Product Security Incident Response Team

What is the EUCHNER PSIRT?
The EUCHNER PSIRT (Product Security Incident Response Team) is the central point of contact for reporting potential safety gaps in our products and services.
You can report any potential safety gap to the PSIRT.

What does the EUCHNER PSIRT do?
The EUCHNER PSIRT leads the internal examination and coordinates all the activities involved in analyzing and rectifying the safety problem. It publishes information in the form of security advisories on confirmed safety vulnerabilities and explains what action can be taken to minimize or rectify them.

How can I report a potential vulnerability?
Anyone can report potential vulnerabilities. We are grateful for any information you give us, whether you are a customer, installation planner, technical scientist or security expert.

Please always use the designated email address to report the issue: PSIRT@euchner.de

Some of our products are used in critical infrastructure, which is why we ask that you always engage with the EUCHNER PSIRT when disclosing potential vulnerabilities in order to minimize risks to the equipment. This gives us time to initiate any immediate measures to tackle and limit these hazards in direct consultation with those affected.

What information should I include in the report?
The information you give should be as precise as possible so that we can ensure our procedure is rapid and seamless. Please submit your report in either German or English.

We need to know the following:

  • Contact details (email and telephone number for queries)
  • Name of your organization
  • Affected product (please give order number, version number and serial number)
  • Type of vulnerability
  • How did you discover the vulnerability/what triggered the problem?
  • What is the impact of the vulnerability?
  • The vulnerability’s CVSS score (Common Vulnerability Scoring System)
  • Has the vulnerability already been reported? If yes, where and when?

We will of course treat all information as strictly confidential. We will pass on data only where this is necessary for an announcement. Please feel free to use the Traffic Light Protocol (TLP) when sharing information.