Vulnerability Reporting

Security, Privacy & Openness

Security, privacy, and openness are extremely important to the Internet of Things and the Zigbee Alliance. In the spirit of our core values, we want to make sure there is a clear venue to report any potential security vulnerabilities.

 

Why report?

Vulnerabilities can cause a potential risk to users, and to the stability and reliability of devices and networks worldwide. Technologists inside and outside of the Zigbee Alliance community can help reduce risks by reporting potential vulnerabilities for our experts to investigate and address appropriately.

 

What do I need to report?

Include the following points when reporting a vulnerability:

  • A summary title of the issue
  • Description of the issue
  • Instructions on how to reproduce the issue
  • Alliance specification and version
  • Specific device model(s) involved

 

How do I report a vulnerability?

The most effective way to report a vulnerability is by sending the relevant information via email to: [email protected]. From there, our security experts will determine the appropriate next steps.

To help ensure privacy in our communications, please use the following public PGP encryption key:

Key ID: AUeE5dzMnj9y4nZ
Key fingerprint: C8D5 982D 7025 3529 8C1E AA0A 0A9B E65D C6A6 D116

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBF7G2w4BCACmhUkr3ZsAWyWIVZjV+yRKSvfNM63l8gDUtnxWTnKuH+6XV1pR
fBVy0xgEZ2tkFZMToMb5M2ZQUH4TsBd+l2IyqruytiiZlEekguQwYjs01wFSXbti
1vgPpYPRknQHbdH7l1Hex9lRm3RmM4rKhhMTPL734ZfBoN6qeqpLO+7sPY8HSiQc
PJKl5r7Z8XIWivKf1eBXyVPdZYC+DyUUJPD6ukA6dSFTI1spSxcdMC0ePutMvjBf
N+u4QJ/RRfBMp91EglFGGkxgChqme2C6Pnth5dg0eMiO26TcqFYIY6UYI53meTeI
GkSRggMp3y7/5CgPJ9Q4RXmDmOLeWHXaeLV/ABEBAAG0IVppZ2JlZSBBbGxpYW5j
ZSA8aGVscEB6aWdiZWUub3JnPokBVAQTAQgAPhYhBMjVmC1wJTUpjB6qCgqb5l3G
ptEWBQJextsOAhsDBQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEAqb
5l3GptEW+aMH/iHG79qo3HftqihDcTkiH+BdWRuRVSD9BAO6LqiwgrUYQvSh/ujA
TPSTaJj0my4UkLgNqVpNU4xDiGmyVYCh8Dlv197+fjEykLEaLvdnTzMNhukN81RV
uk54WSJWoQYSz19F9S65aKooYy7u6u9oOIxS7V0ojYZELfv7UsokfRijwVnZCCF8
Ir7P8UF2dUlU43PliG8D2Wtgv1CHfMXHKrAtEjos8YlUfTX5zDkdkkSQ6j/Bux3P
xRb0WveRUwNvwN5KQRYEsgnIrk+WAFQNuktqauT16HjYiYeHM4lUp8LHdR0xgDvB
339DR8/tz5+ZcKgwxYR9s/qoLPWq++x5iZS5AQ0EXsbbDgEIAM26w7aORi3d5VmG
4WRC3bsSlVRn85tMSKAFbLFUQ/DOa4sB0f23s+zzG/9OAVT54doVKDbCBbQJId/I
BFl45TXTst1Vb5VC7016Ad3kO8J/lxVQGm2I1fwBxfPH1155lXOshbswaFMKLguu
H7ub8u/HlZCIXBTjuQPH42Wsqgn9bIbCc8xQHmJT0/dRoImrs0n8lZkqS/H6NtNw
NqCBdGqDyuzLW7Z2WRG4zKwscdq9zRSTBV1YQ+fQCc3o78beyq/4hD4/YjueSqwP
RaADIcA2/CeJcF/oHzTDcztcKKFhZ0P17+WRUEI3blXlnUHXg0F75LHOAsrHnzUZ
8588dUsAEQEAAYkBPAQYAQgAJhYhBMjVmC1wJTUpjB6qCgqb5l3GptEWBQJextsO
AhsMBQkDwmcAAAoJEAqb5l3GptEWKGkH/ivTkmFSy4KiQ9T1OmwENpr+b1VpD6Cc
lBpjPxxeP3BPEsVPLH/eztnXQE0gMhjKrr3W8dDI7lCGw6e62DKK3wblp7xA6tuJ
gq6lAmaDhHZHS6nJAknKqQ2S8W2ituiFSlNR18f4IMGbEUd1VA3Ssk5WGoeX7VUQ
e8vJ3iW2I49Vqh4mWidoITg00dUkmTmZoTY7C/Ctjgsc7CSBdCK2E11q8Moc/d1c
tsaeJbB1Q79dezEjYu2CohV9Os8Uu3FLrExMKuR31oYD5DMSIqk6PHMvjA7H8pFV
C4fq2xczIYiJNlGsiRN7RycX6pxUAoLZJCP0myeSSzWE+ls9Ncii9OA=
=S2oW
-----END PGP PUBLIC KEY BLOCK-----

Want to learn more about the Alliance?

About Us