Contact

For better and fast Service, please complete the form below. We will contact you shortly.
Note. Fields marked with a star ( * ) are required.

We investigate all internally and externally reported security issues and provide security advisories for all validated security vulnerabilities. These advisories allow our customers and partners to assess the impact of the vulnerabilities and take appropriate action.

In case of security issues, we welcome all reports about security-related issues incidents and privacy concerns. Please fill in the information below about the issue you wish to report in the message column.

*Required

* Name

* Last Name

* E-mail

* Company

Department/Title

* Industry

Phone

* Country

Address

* Subject

* Product of interest

Embedded Boards

Industrial Box PC

Industrial HMI

Handheld Device & Tablet

Medical Computing

Message

Subscribe to eNewsletter

Get updates and news from ARBOR’s monthly eNewsletters for new product highlights, market insights and tips for your application.

I have read and agreed with ARBOR's Privacy Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Reporting a Vulnerability

In your report, please include:

The product in question (product model, website, IP, or page where the vulnerability is present).
A brief description of the vulnerability type, such as “XSS vulnerability.”
Steps to reproduce the vulnerability. These should be safe, non-destructive proof of concepts to ensure accurate and prompt triage. This also helps to prevent duplicate reports or malicious exploitation of vulnerabilities.

What to Expect

After submitting your report, we will acknowledge receipt within 5 working days and aim to triage your report within 15 working days. We will also keep you updated on our progress.

The priority for remediation is determined by the impact, severity, and complexity of the exploit. Please note that addressing vulnerability reports may take some time. You are welcome to inquire about the status, but we ask that you do so no more than once every 14 days to allow our teams to focus on remediation.

We will inform you when the reported vulnerability has been resolved, and you may be invited to verify that the solution adequately addresses the issue.

Once your reported vulnerability has been resolved, we welcome requests for public disclosure. We aim to provide unified guidance to affected users, so please coordinate any public releases with us.

Conduct Guidelines

You must NOT:

Violate any applicable laws or regulations.
Access excessive or unnecessary amounts of data. Modify data within ARBOR's systems or services.
Use invasive or destructive scanning tools.
Attempt or report any form of denial-of-service attacks, such as overwhelming a service with high volumes of requests.
Disrupt ARBOR's services or systems.
Submit reports of non-exploitable vulnerabilities or those indicating non-compliance with “best practice” guidelines, such as missing security headers.

You must:

Adhere to data protection rules and not violate ARBOR's Privacy Policy concerning users, staff, contractors, services, or systems. For example, do not share, redistribute, or improperly secure data retrieved from our systems or services.
Securely delete all data retrieved during your research as soon as it is no longer needed, or within one month of the vulnerability being resolved, whichever comes first (or as required by data protection laws).

Legal Considerations

This policy aligns with common practices in vulnerability disclosure. It does not grant you permission to act in a manner inconsistent with the law or that could cause ARBOR or its partners to breach any legal obligations.