You probably do not come from: Italy. If necessary, change to: United States
  1. Supporto tecnico
  2. Product security

Product security

Quality, reliability, security - three essential values from which trust grows. For this reason, ifm bases every action on these three values. The same applies for its products. And even if we cannot rule out security gaps 100 %, we do everything we can to get close to the ideal state.

Overview of the vulnerabilities

The following table contains security vulnerabilities of the ifm group of companies

Reporting a vulnerability

If you wish to send us a vulnerability report, please provide us with the following information:

  • Article incl. article number
  • Software version
  • Your first and last name
  • Name of the organisation
  • Country
  • Email address
  • Confirmation of indication as finder
  • Telephone number (optional)

In addition, we need a description of the vulnerability with the following information:

  • Configuration of the application
  • Description of the operating environment
  • Impact of the vulnerability
  • Detailed description of the vulnerability

Please send your message to psirt@ifm.com
These can be sent as PGP encrypted attachments.

 

The vulnerability management process of the ifm group defines the procedure for recording and processing vulnerability reports. In addition, the ifm PSIRT coordinates the provision of information on vulnerabilities with the articles of the ifm group of companies.
The ifm PSIRT analyses all incoming messages. Within 5 working days, the finder will receive feedback from the PSIRT. If required, further necessary information will be requested. If ifm does not receive a response within 60 working days, the request will be closed.
After validating the vulnerability, the impact and severity of the vulnerability is determined based on the available information, and appropriate countermeasures are developed.

Note: The time required to process a vulnerability can be influenced by its complexity. Based on the information, the cause of the vulnerability is identified and a suitable countermeasure is developed. 
The finder will be informed regularly, at the latest every 30 working days, about the current status of the processing. 
After a suitable countermeasure has been provided, a security message with all relevant information is made available on our PSIRT page and via our partner, the CERT@vde.

General enquiry on topics concerning product security

Privacy policy

Qui trovi le nostre normative sul trattamento dei dai personali