Security Issue Reporting Guidelines

Steps to Report a Vulnerability.

Please report any potential or real security vulnerability claim to the ASSA ABLOY Global Solutions Marine Product Security Team via e-mail at:  marine-security.globalsolutions@assaabloy.com.

Please encrypt your e-mail with PGP and this public key.

Please include the information below in your e-mail report:

• First and last name
• Company name
• Contact phone number (optional)
• Preferred e-mail contact
• General description of vulnerability
• Product containing vulnerability (hardware & software versions), part numbers
• Tools, hardware and other configurations required to trigger the event
• Any security or service pack updates applied
• Document instructions to reproduce the event
• Sample code, proof of concept or executable used to produce event
• Definition of how the vulnerability will impact a user including how the attacker could breach security on-site
• Affected product
• System Details (develop for range of ASSA ABLOY Global Solutions Marine products)
• Technical Description and steps to reproduce
• PoC (link)
• Other parties and products involved
• Disclosure plans/dates/drivers
• What was the purpose and scope of research being performed when found (context)?