Report a security issue

barox takes the security of its products seriously. Customers, partners, security researchers and third parties can use this page to confidentially report vulnerabilities and security issues in barox products to our product security team.

Go to the report form

What is this form for?

For reporting vulnerabilities, security-relevant malfunctions or configuration issues in barox products (switches, media converters, accessories) and their firmware. For general support requests, please use the regular support channels.

Coordinated Vulnerability Disclosure

We follow the principle of coordinated disclosure: we confirm receipt of your report, investigate it with priority, keep you informed of progress on request, and coordinate the timing of any publication with you. We ask you not to publish details of the vulnerability before a fix is available. We will not pursue legal action against reporters who act in good faith and follow these principles.

Important note on confidential data

Do not submit confidential customer data, passwords or production credentials. Replace such values in logs and screenshots with placeholders. Personal data must be limited to what is strictly necessary.

Anonymous reporting available

You may report anonymously. However, without contact details we cannot ask follow-up questions or keep you informed about the status of your report.

EU Cyber Resilience Act

As a manufacturer, barox handles vulnerability reports in accordance with the EU Cyber Resilience Act (CRA), including the notification obligations towards the competent authorities for actively exploited vulnerabilities and severe security incidents.