The Festo PSIRT is a central team at Festo SE & Co. KG tasked with managing the investigation and disclosure of security vulnerabilities. All reports regarding possible vulnerabilities or other security incidents in connection with Festo products can be forwarded to the Festo PSIRT. The Festo PSIRT coordinates and maintains communication with everyone involved, both in-house and externally, so that it can implement an appropriate response to any security problems that are identified.
Disclosing vulnerabilities enables us to fix these vulnerabilities and inform customers who are using the products in question about the fix. This approach can help us to keep making our products more secure, and above all to support Festo customers in managing security risks.
If you think you have uncovered a security vulnerability in a Festo product, please report it by e-mail or using the contact form.
Please include the following information with your report:
Festo will ensure that the information you provide is sent to a select group of designated Festo employees with experience in dealing with incidents of this type: the Product Security Incident Response Team (PSIRT). No unauthorized employees or external users will be able to access to the information you send us.
Festo will also ensure that the identify and contact details of the security expert in question are kept confidential and not published in public statements (advisories and bulletins) unless explicitly requested by said security expert. The Festo PSIRT will investigate the reported vulnerability and contact you as soon as possible.
The Festo PSIRT investigates all reports of security problems and publishes security advisories on validated security vulnerabilities that directly affect Festo products and require either a software update, a software upgrade or other action on the part of the customer. As part of our ongoing efforts to support operators in addressing security risks and in ensuring the protected operation of systems, the Festo PSIRT publishes information that operators need in order to evaluate the ramifications of a security vulnerability.
Stay up to date with our security advisories
We publish information regarding vulnerabilities in Festo products and new or updated security advisories on our partner platform CERT@VDE .