You have been redirected to your local version of the requested page

Vulnerability reporting

Metrohm product vulnerability disclosure

Metrohm’s product vulnerability disclosure program provides a channel to report any security vulnerabilities in Metrohm products.

Security is a high priority at Metrohm, and we are strongly committed to safeguarding our customers. Our goal is to timely analyze and validate reported issues and provide appropriate corrective actions.

When reporting a product security vulnerability, please include at least the following information for us to understand the scope and impact of the vulnerability:

  1. Name and version of the affected product or software
  2. Detailed instructions to replicate the vulnerability
  3. External vulnerability source or tool that detected the vulnerability
  4. Proof-of-concept or exploited code (if available)
  5. Potential implications of the vulnerability
  6. Possible mitigations

Upon successful receipt of the report, our security team will send an acknowledgment to the reporter and begin the process of analyzing, validating, and providing corrective actions to address the vulnerability.

All information received in the report is considered confidential. The information is shared only with the relevant stakeholders on a need-to-know basis.

Note! All security related concerns identified by existing customers and suppliers are handled through established direct channels. Customers and suppliers are therefore advised to reach out to their Metrohm contact directly.

Vulnerability reporting form

This field is required.
This field is required.
This field is required.

Insecure coding: Failure to sanitize user inputs, leading to vulnerabilities like SQL Injection or Buffer Overflows.

Design flaws: Fundamental architectural errors that unintentionally grant high access levels.

Outdated dependencies: Relying on third-party libraries and components with known vulnerabilities.

Default settings: Failing to change manufacturer default settings or configurations are insecure.

Cloud exposures: Over-permissive access controls or publicly exposed cloud storage buckets.


Privacy Policy

I allow Metrohm AG and its subsidiaries and exclusive distributors to store and process my data in accordance with its Privacy Policy and to contact me by e-mail, telephone, or letter to reply to my inquiry and for advertising purposes. I can withdraw this consent at any time by sending an e-mail to info@metrohm.com.

This field is required.