PSIRT Vulnerability Disclosure

Wärtsilä recognises that the work the researcher community does is important in continuing to ensure safety and security of our customers. We accept vulnerability reports related to our solutions. Wärtsilä hopes to develop and maintain an open partnership with the security community.

We accept vulnerability disclosure reports for the following:

• Wärtsilä products & solutions
• Wärtsilä public web site (wartsila.com)
• Wärtsilä customer digital channels

We openly accept vulnerability reports for stated scope of the vulnerability disclosure policy. We agree not to pursue legal action against individuals who:

• Engage in good faith testing without harming Wärtsilä or its customers
• Engage in responsible disclosure and coordinate disclosure with Wärtsilä

Wärtsilä may recognize responsible researchers on the Hall of Thanks for valid disclosures.

You can contact Wärtsilä PSIRT through psirt@wartsila.com
PGP Public Key (54B7 C22C 13A1 1026 8C28  B125 0585 C02C E0E7 6173)

We recommend encrypting your e-mails. Please write your submissions in English.

Following details are helpful for processing the submission:

• Your name and organization, or if you wish to remain anonymous
• Contact details for further questions
• Type of vulnerability
• Impact of the issue, if understood
• How to replicate the issue, proof of concept if available
• Affected product, solution or service
• Has the information been published already somewhere
• Do you wish to be recognized publicly for your finding

Thank you for your support!