Cookie
This website requires cookies to provide all of its features. For more information on what data is contained in the cookies, please see our Privacy Policy page. To accept cookies from this site, please click the Accept button below.
Reporting Guidlines
Security Issue Reporting Guidelines
Steps to Report a Vulnerability.
Please report any potential or real security vulnerability claim to the Yale Security Resources Team via email at productsecurity@assaabloy.com. Please encrypt your email with PGP and this public key.
Please include the information below in your email report:
- First and last name
- Company name
- Contact phone number (optional)
- Preferred email contact
- General description of vulnerability
- Product containing vulnerability (hardware & software versions), part numbers
- Tools, hardware and other configurations required to trigger the event
- Any security or service pack updates applied
- Document instructions to reproduce the event
- Sample code, proof of concept or executable used to produce event
- Definition of how the vulnerability will impact a user including how the attacker could breach security on-site
- Affected product
- System Details
- Technical Description and steps to reproduce
- Proof of Concept (provide link)
- Other parties and products involved
- Disclosure plans/Dates/drivers
- What was the purpose and scope of research being performed when found (context)?