Reporting Guidelines

Security Issue Reporting Guidelines


Steps to Report a Potential Vulnerability.

Please report any potential or real security vulnerability claim to the ASSA ABLOY Opening Solutions Iberia Security Resources Team via e-mail at  productsecuritycenter.iberia@assaabloy.com

Please encrypt your e-mail with PGP and this public key.

Please include the information below in your e-mail report:

  • First and last name
  • Company name
  • Contact phone number (optional)
  • Preferred e-mail contact
  • General description of potential vulnerability
  • Product containing potential vulnerability (hardware & software versions), part numbers
  • Tools, hardware and other configurations required to trigger the event
  • Any security or service pack updates applied
  • Document instructions to reproduce the event
  • Sample code, proof of concept or executable used to produce event
  • Definition of how the potential vulnerability will impact a user including how the attacker could breach security on-site
  • Affected product
  • System Details (develop for range of ASSA ABLOY Opening Solutions Iberia products)
  • Technical Description and steps to reproduce
  • PoC (link)
  • Other parties and products involved
  • Disclosure plans/Dates/drivers
  • What was the purpose and scope of research being performed when found (context)?