LEM PSIRT

Product Security Vulnerability

The LEM Product Security Incident Response Team (LEM PSIRT) oversees the process for receiving and responding to reports of potential security vulnerabilities in LEM hardware and software products. LEM PSIRT is committed to resolving identified security issues promptly and providing thorough guidance on mitigation strategies and solutions as necessary. Stakeholders who identify potential security vulnerabilities in our products are encouraged to contact LEM PSIRT directly.

How to report a potential security vulnerability

To report a potential security vulnerability, please send a report at: productsecurity@lem.com

All exchanges and reports must be provided in English. LEM International SA., acting on behalf of itself, its affiliates, and subsidiaries of LEM Holding SA (collectively referred to as “LEM”), is committed to addressing all reports of potential security vulnerabilities and related communications (“Report(s)”) with the utmost seriousness. To effectively evaluate your Report (“You” and “Yours” refer to you, your employer, and all associated affiliates, subsidiaries, and related entities), and to take any actions deemed necessary, LEM requires Your authorization and rights to process this information. By submitting Your Report to LEM, You confirm Your authority to do so and grant LEM the rights to use the Report for activities related to security vulnerability assessment, verification, remediation, documentation, and any other pertinent functions or purposes.

In order for LEM PSIRT to process a reported potential security vulnerability, the following information is required:

  • LEM product identification, including part number or product reference and version (hardware or software)
  • Detailed technical description of the potential vulnerability, as well as any associated known exploits
  • Method and timing of the discovery of the potential vulnerability
  • Information regarding any public disclosures already made or planned
  • Contact information for use throughout the process

Insufficient information may prevent LEM from evaluating the request.

Potential vulnerability management process

LEM PSIRT will address reported potential security vulnerabilities in accordance with the established process outlined below:

  1. Reporting a new vulnerability: LEM PSIRT will acknowledge receipt of the reported issue.
  2. Evaluation: LEM PSIRT will assess the reported potential vulnerability to determine if an issue exists, conduct analysis, and assign a priority for managing valid issues. LEM PSIRT may contact you if additional information or clarification is required regarding the original report.
  3. Solving: LEM PSIRT will investigate potential solutions and mitigations to address valid issues.
  4. Communicating: Once a solution is available (fix or mitigation), LEM PSIRT will communicate back to You and others where appropriate.

If you wish to find out more about the security status of a particular LEM product, please contact your LEM sales representative.