The cyber security of our products is a top priority for REFORM.
 

The REFORM Vulnerability Disclosure Programme (VDP) will be published here shortly. The programme follows the principles of Coordinated Vulnerability Disclosure (CVD) and enables security researchers, customers and partners to report vulnerabilities in REFORM products in a responsible, structured and straightforward manner.

The REFORM VDP will meet all requirements of the EU Cyber Resilience Act (CRA) and provide a transparent process for receiving, evaluating, coordinating and resolving reported vulnerabilities.

 

Reporting vulnerabilities until the launch of the VDP

Until the official publication of the VDP, security-related reports on REFORM products can be sent to the following contact address:

ee(at)reform.at

Please note:

• Reports must relate exclusively to physical REFORM products (e.g. Metrac H75 or Muli T8X).
• Vulnerabilities on websites (e.g. www.reform.at) or other digital services from REFORM are not part of this reporting process
• REFORM treats all reports confidentially and in accordance with the requirements of the Cyber Resilience Act
   

We thank you for your support in the responsible disclosure of vulnerabilities and the continuous improvement of the security of our products.