ASMPT SMT Solutions
  • Home

SMT topics in focus

SMT topics in focus

Coordinated Vulnerability Disclosure (CVD) Policy

If you believe you have identified a security vulnerability in one of our products, we encourage you to report it to us. ASMPT SMT Solutions takes the security of its products seriously and will handle vulnerability reports in a structured and responsible manner.

Vulnerability Reporting Channel

The central point of contact for reports of possible vulnerabilities is the Product Security Incident Response Team (PSIRT) of ASMPT SMT Solutions. This can be reached via

This reporting channel is continuously monitored.

The form below supports the entry of the required information for the vulnerability description.

What to include in your report

To help us process your report efficiently, please provide the following information:

  • Description of the vulnerability
  • Affected product and version
  • Steps to reproduce (if available)
  • Optional: your contact details for follow-up communication

How we handle vulnerability reports

ASMPT SMT Solutions processes vulnerability reports through defined steps:

  1. Receipt and Registration

    • All reports are recorded upon receipt and acknowledged within 48 hours.
  2. Validation and Assessment

    • Reports are evaluated to determine whether a vulnerability exists.
    • Relevant reports are classified based on impact.
  3. Remediation Planning

    • Appropriate mitigation or correction measures are defined.
  4. Implementation and Resolution

    • Identified measures are implemented.
  5. Communication and Disclosure

    • ASMPT SMT Solutions will keep reporters informed about the status of their report, including validation results and expected remediation timelines, where appropriate.
    • ASMPT SMT Solutions coordinates disclosure of vulnerabilities with the reporting party before public communication, where possible.
    • Actively exploited vulnerabilities and severe incidents are reported to the competent national authority or CSIRT without undue delay
    • Where necessary for the users, Security Advisories are published including description of the vulnerability, affected products and remediation or mitigation measures.

Scope

This policy applies to all ASMPT SMT Solutions products with digital elements placed on the European market, including related software and firmware.

Good faith / Safe Harbor

ASMPT SMT Solutions considers security research conducted in good faith and in accordance with this policy to be authorized.

Provided that reporters comply with this policy and do not cause intentional harm, no legal action will be taken.

Click here if you have an ASMPT login
SSO Login

The data provided here will be used exclusively for the provision of the service and for no other purposes. Further details can be found in our privacy policy

* Mandatory field

Best-in-class solutions

As the industry’s technology leader, ASMPT offers a broad portfolio of best-in-class products. Our solutions stand out with their perfect interaction of hardware, software and service components – powerful, smart, and ready to raise your production to a new level.

Wählen Sie Ihre bevorzugte Sprache

Deutsch | Englisch | Chinesisch

Choose your preferred language

German | English | Chinese

请选择语言

德语 | 英语 | 中文