Product Security & Vulnerability Reporting

If you have identified a potential security vulnerability or security issue affecting one of our products, please contact our Product Security Incident Response Team (PSIRT) using one of the methods below.

What to Report 

Please use this contact channel for:

  • Suspected security vulnerabilities
  • Actively exploited weaknesses
  • Security configuration flaws
  • Authentication or authorization bypass issues
  • Cryptographic weaknesses
  • Supply chain security concerns related to our products

For general technical support, please use our regular support channels at: https://support.lauterbach.com/

What to Include in Your Report 

To help us assess and address the issue efficiently, please include:

  • Product name and order number
  • Version of installed firmware (as shown in VERSION.HARDWARE window)
  • A detailed description of the vulnerability
  • Steps to reproduce (if applicable)
  • Potential impact
  • Proof-of-concept (if available)
  • Your contact information for follow-up (optional)

If you prefer encrypted communication, please request our PGP key via email or web form.

Anonymous Reporting Option 

You may choose to provide your contact information or submit a report anonymously. Please note that if you submit a vulnerability report without contact details, our ability to assess, clarify, and effectively address the issue may be limited. In some cases, this may prevent us from fully processing the report. 

Our Vulnerability Handling Process 

Upon receiving your report, we will: 

  • Acknowledge receipt without undue delay
  • Assess and triage the reported issue 
  • Contact you, where possible, to request additional information or clarification 
  • If the vulnerability is confirmed, develop and provide appropriate mitigation measures or security updates
  • Where applicable, coordinate disclosure in a responsible manner

We handle all vulnerability reports in good faith and expect reporters to act responsibly. In particular, reporters should refrain from exploiting vulnerabilities beyond what is necessary to demonstrate their existence. 

Please note the following:

  • If a reporting entity does not respond to requests for technical or content-related clarification, our ability to process the report may be limited or, in some cases, not possible
  • Anonymous reports may be processed only to a limited extent, as we may be unable to request additional information or clarification
  • In the case of anonymous reports, statutory response timelines under the EU Cyber Resilience Act (CRA) may not apply 

Legal Notice 

This Product Security Contact serves as the designated single point of contact for security-related communication under Article 13(17) of the Cyber Resilience Act. This channel is intended exclusively for security vulnerability reporting. It does not replace customer support or commercial communication channels.

Security Advisories & Updates 

You may subscribe to security vulnerability notifications via our Customer Portal.


Single Point of Contact for Security Matters

In accordance with Article 13(17) of the Cyber Resilience Act (CRA), we provide a designated Single Point of Contact (SPOC) for reporting vulnerabilities and other security-related matters.

You may contact our Product Security team using your preferred communication method. To facilitate efficient handling of your request, please provide as much relevant information as possible.

Contact Form

Postal Address: 

Lauterbach GmbH

Product Security Incident Response Team (PSIRT)

Altlaufstr. 40

85635 Höhenkirchen-Siegertsbrunn 

Germany


We encourage responsible disclosure and will handle all submissions in a timely and confidential manner.