PSIRT

PSIRT – Product Security Incident Response Team

The Festo PSIRT is a central team at Festo SE & Co. KG tasked with managing the investigation and disclosure of security vulnerabilities. All reports about possible vulnerabilities or other security incidents in connection with Festo products can be forwarded to the Festo PSIRT. The Festo PSIRT coordinates and maintains communication with everyone involved, both internally and externally, so that it can provide an appropriate response to any security problems that are identified.

Why should you report vulnerabilities?

Disclosing vulnerabilities enables us to fix these vulnerabilities and inform customers using the products in question about the fix. This approach can help us to keep making our products more secure and above all support Festo customers in managing security risks.

If you think you have uncovered a security vulnerability in a Festo product, please report it by email or using the contact form.

Please include the following information with your report:

  • Product line
  • Vulnerable version
  • Type of vulnerability (CWE-ID, CVE-ID if available)
  • Name of organisation
  • Email
  • Telephone
  • Country

What will happen to your report?

Festo will ensure that the information is sent to a select group of designated Festo employees with experience in dealing with incidents of this type: the Festo Product Security Incident Response Team (PSIRT). Neither unauthorised employees nor external users will have access to the information you send.

Festo will also ensure that the identity and contact details of the security expert are kept confidential and not published in public statements (advisories and bulletins) unless explicitly requested by the security expert. The Festo PSIRT will investigate the reported vulnerability and contact you as soon as possible.

Keep informed

The Festo PSIRT investigates all reports of security problems and publishes security advisories on validated security vulnerabilities that affect Festo products directly and require either a software update, software upgrade or another action by the customer. As part of ongoing efforts to support operators in addressing security risks and in ensuring the protected operation of systems, the Festo PSIRT publishes information that operators need to evaluate the ramifications of a security vulnerability.

Stay up to date with our security advisories

We publish information about vulnerabilities in Festo products and new or updated security advisories on our partner platform CERT@VDE .

Contact PSIRT – Product Security Incident Response Team

i
Describe the flaw
i
List the products and versions affected
i
Has the vulnerability been disclosed?
Field with asterisk (*) is mandatory