Reporting a Vulnerability
A clear venue to report potential security vulnerabilities.
Why report?
Vulnerabilities pose a potential risk to users and to the stability and reliability of devices and networks worldwide. Input from both internal and external resources plays a critical role in ensuring the security and overall quality of open standards continually evolves. We welcome vulnerability reporting and feedback from institutes, universities, and security professionals. The Alliance and its members are grateful for public checks on technology which allow our experts to investigate and address appropriately.
What to Include
Summary title of the issue
Description of the issue
Instructions on how to reproduce the issue
Alliance specification and version
Specific device model(s) involved
How to Report
The most effective way to report a vulnerability is by sending the relevant information via email to: [email protected]. Our security experts will review and determine next steps.
To help ensure privacy in our communications, please use the following public PGP encryption key:
Key ID: AUeE5dzMnj9y4nZ
Key fingerprint: C8D5 982D 7025 3529 8C1E AA0A 0A9B E65D C6A6 D116
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBF7G2w4BCACmhUkr3ZsAWyWIVZjV+yRKSvfNM63l8gDUtnxWTnKuH+6XV1pR
fBVy0xgEZ2tkFZMToMb5M2ZQUH4TsBd+l2IyqruytiiZlEekguQwYjs01wFSXbti
1vgPpYPRknQHbdH7l1Hex9lRm3RmM4rKhhMTPL734ZfBoN6qeqpLO+7sPY8HSiQc
PJKl5r7Z8XIWivKf1eBXyVPdZYC+DyUUJPD6ukA6dSFTI1spSxcdMC0ePutMvjBf
N+u4QJ/RRfBMp91EglFGGkxgChqme2C6Pnth5dg0eMiO26TcqFYIY6UYI53meTeI
GkSRggMp3y7/5CgPJ9Q4RXmDmOLeWHXaeLV/ABEBAAG0IVppZ2JlZSBBbGxpYW5j
ZSA8aGVscEB6aWdiZWUub3JnPokBVAQTAQgAPhYhBMjVmC1wJTUpjB6qCgqb5l3G
ptEWBQJextsOAhsDBQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEAqb
5l3GptEW+aMH/iHG79qo3HftqihDcTkiH+BdWRuRVSD9BAO6LqiwgrUYQvSh/ujA
TPSTaJj0my4UkLgNqVpNU4xDiGmyVYCh8Dlv197+fjEykLEaLvdnTzMNhukN81RV
uk54WSJWoQYSz19F9S65aKooYy7u6u9oOIxS7V0ojYZELfv7UsokfRijwVnZCCF8
Ir7P8UF2dUlU43PliG8D2Wtgv1CHfMXHKrAtEjos8YlUfTX5zDkdkkSQ6j/Bux3P
xRb0WveRUwNvwN5KQRYEsgnIrk+WAFQNuktqauT16HjYiYeHM4lUp8LHdR0xgDvB
339DR8/tz5+ZcKgwxYR9s/qoLPWq++x5iZS5AQ0EXsbbDgEIAM26w7aORi3d5VmG
4WRC3bsSlVRn85tMSKAFbLFUQ/DOa4sB0f23s+zzG/9OAVT54doVKDbCBbQJId/I
BFl45TXTst1Vb5VC7016Ad3kO8J/lxVQGm2I1fwBxfPH1155lXOshbswaFMKLguu
H7ub8u/HlZCIXBTjuQPH42Wsqgn9bIbCc8xQHmJT0/dRoImrs0n8lZkqS/H6NtNw
NqCBdGqDyuzLW7Z2WRG4zKwscdq9zRSTBV1YQ+fQCc3o78beyq/4hD4/YjueSqwP
RaADIcA2/CeJcF/oHzTDcztcKKFhZ0P17+WRUEI3blXlnUHXg0F75LHOAsrHnzUZ
8588dUsAEQEAAYkBPAQYAQgAJhYhBMjVmC1wJTUpjB6qCgqb5l3GptEWBQJextsO
AhsMBQkDwmcAAAoJEAqb5l3GptEWKGkH/ivTkmFSy4KiQ9T1OmwENpr+b1VpD6Cc
lBpjPxxeP3BPEsVPLH/eztnXQE0gMhjKrr3W8dDI7lCGw6e62DKK3wblp7xA6tuJ
gq6lAmaDhHZHS6nJAknKqQ2S8W2ituiFSlNR18f4IMGbEUd1VA3Ssk5WGoeX7VUQ
e8vJ3iW2I49Vqh4mWidoITg00dUkmTmZoTY7C/Ctjgsc7CSBdCK2E11q8Moc/d1c
tsaeJbB1Q79dezEjYu2CohV9Os8Uu3FLrExMKuR31oYD5DMSIqk6PHMvjA7H8pFV
C4fq2xczIYiJNlGsiRN7RycX6pxUAoLZJCP0myeSSzWE+ls9Ncii9OA=
=S2oW
-----END PGP PUBLIC KEY BLOCK-----
An Empowered & Engaged Developer Community
Join the thousands of individuals contributing to the ongoing development of specifications that help bring great products to market. With our Members’ deep and diverse expertise, robust certification programs, a full suite of open IoT solutions, and a community working together to grow and improve the IoT, the Alliance is leading the movement toward a more intuitive, connected, secure, and useful world.
Certification Creates Confidence
Certification validates compliance with a Connectivity Standards Alliance specification. It also allows for the use of Certified Product logos on packaging and products, building trust and confidence with customers and consumers.
Let’s Connect
Have a question? We’re here to help.