PSIRT & Security Advisories

Bucher Automation AG takes the security and integrity of its products very seriously. Therefore, we are grateful for any information regarding vulnerabilities and associated security risks.

To address potential vulnerabilities and minimize the risk to our customers, we rely on your assistance in identifying security issues. We encourage the reporting of any vulnerabilities found in our products or services.

Communication with the reporter is conducted transparently through the CERT@VDE security platform. The vulnerability will also be publicly available there. For more information about our partner, please visit their website.

Published Security Advisories:

You can find our published security advisories at the following link:

https://cert.vde.com/de/advisories/vendor/bucherautomation


Procedure

  1. Report
  2. Analysis
  3. Handling
  4. Disclosure

Report

Please report any identified security vulnerabilities to us. This can be done via email to psirt@bucherautomation.com or through the CERT@VDE platform. You will receive feedback on your report within 2 business days. Please create the report in German or English including the following information

  • Affected component or software with serial number or version number
  • Detailed description of the vulnerability 
  • Your email address for further inquiries or status updates

Analysis

Your report will first be reviewed and then forwarded to the relevant department. There, we will attempt to reproduce the issue and assess its criticality. If further information is needed, we will contact you.

Handling

We will carry out the vulnerability handling process and attempt to resolve the issue or mitigate its impact. As this process can be very demanding, please allow us some time. Once we have developed a satisfactory solution, we will inform the reporter.

Disclosure

The vulnerability can now be published. All relevant information regarding the vulnerability and the measures taken will be disclosed. With the reporter's consent, they will be acknowledged on our website for their cooperation.

Contact