Vulnerability reporting

The importance of security

WIKA is a renowned partner and competent specialist for all tasks in the field of measurement technology. With ever increasing efficiency, innovative technologies are used in the development of new products and system solutions. We consistently prioritise security and collaborate with leading security providers to offer our customers a complete end-to-end security solution.

Security is becoming increasingly important across the various industries where our products and solutions are used, for a variety of reasons. Given these risks, it is essential to prioritise and define security requirements early in the development process. WIKA provides security features that ensure the successful implementation of the required security level for your solution. 

WIKA is committed to resolving security vulnerabilities in order to meet the requirements of our customers and applicable industry regulations. If you have discovered a potential security vulnerability in a WIKA product or service, please submit a report.

Choose the right WIKA security incident response team

At WIKA we have established a dedicated team handling product-related reports: the PSIRT. In any other case or if in doubt, CSIRT is the place to go. Both teams work hand in hand.

Choose PSIRT for reporting vulnerabilities in:

  • WIKA products and firmware
  • WIKA software and services directly associated with them
  • WIKA product related cloud offerings

Choose CSIRT in any other case, e.g.:

  • Websites (including shops)
  • Other services
  • To verify emails from WIKA that look suspicious to you

Important: This form is intended solely for reporting security vulnerabilities. Technical questions will neither be answered nor forwarded to customer service. Please contact our customer service for assistance with technical issues.

Product Security Incident (PSIRT)

WIKA's Product Security Incident Response Team (PSIRT) response to reported security vulnerabilities in WIKA products (hardware and software), services related to products and documentation. 

The ability to upgrade, patch and fix WIKA products in the field varies depending on the product, and may, in some cases, only be possible through functional upgrades in the next product version. 

WIKA intends to notify affected customers, when appropriate, about the vulnerability either through targeted communication or through public communication, as a security advisory. For this we are partner with CERT@VDE.

WIKA is committed to treating your report confidentially and to work with you to find a solution.

The PSIRT handles reported security vulnerabilities through the following process:

  • Receipt of security vulnerabilities from an external or internal source
  • Sending an acknowledgment and initial feedback within two working days
  • Technical assessment of the reported vulnerability
  • Sending detailed feedback whether the vulnerability was confirmed or rejected
  • Solution development
  • Coordinated publication as a security advisory, in consultation with the reporting party

Reporting a vulnerability
Please answer the following questions or report to CERT@VDS directly.    

Our commitment

We follow a cooperative and fair approach. We are happy to name you as the discoverer of the vulnerability, if you wish. We publish security information transparently via CERT@VDE.

IT Security Incident (CSIRT)

WIKA's Computer Security Incident Response Team (CSIRT) is the general-purpose team for follow-up on security vulnerabilities reports not related to WIKA’s own products. You may also report emails coming from WIKA, that look suspicious to you.

We are committed to a coordinated vulnerability disclosure process, also known as responsible disclosure. We will work closely together with you for the best results.

To report a security vulnerability or e-mail, please answer the following questions.