For congatec, the security of our products is important, and we take any potential security vulnerability seriously. We are committed to continuously enhancing the security measures of our products. congatec ensures that customers are promptly informed of any potential security vulnerability.

If you identify any vulnerabilities in our products, please report them via the following email: compliance@congatec.com. For any security vulnerability reported to congatec, we will provide further details and actions in a timely manner via a dedicated ticket or email

To help us properly evaluate a potential security vulnerability, please include the following information in your email:

1. Your contact information and availability
2. The affected congatec product, including part number, name, revision, and/or version (hardware and software).
3. A complete technical description of the potential vulnerability, including any known related exploits.
4. Step-by-step instructions to reproduce the issue.
5. Details on how and when the potential vulnerability was discovered.
6. Any public information already published or planned for publication (e.g., CVE, academic paper, etc.)

1. Notification: congatec receives the report and acknowledges its receipt.
2. Review: congatec reviews the report to determine whether a congatec product may be affected and whether the information provided is sufficient for investigating the issue. We may contact the submitter if further clarification or additional information is needed.
3. Technical analysis: congatec's technology department investigates the potential vulnerability.
4. Corrective action: If the vulnerability is verified, congatec will take appropriate actions to remedy the issue.
5. Disclosure: When appropriate, congatec will disclose information about the verified vulnerability and may publish countermeasures or workarounds, depending on the severity of the issue.