Report a potential security vulnerability to HP

---

To Submit a Report

---

Security is critically important to HP and we know it’s a top issue for our customers and the foundation of trust in our products and services. When vulnerabilities are discovered, our goal is to provide updates to mitigate potential risks as quickly as possible, ideally before the release of information regarding the vulnerability.

HP has adopted the industry best practice called Coordinated Vulnerability Disclosure (CVD) , and works with partners, industry, and the security community to address vulnerabilities.

HP encourages anyone who suspects a vulnerability in one of our products or services to report it to us and work in a coordinated manner to mitigate the vulnerability via the following process:

• Submit suspected vulnerabilities to HP using the form below.
• HP will acknowledge receipt of the submission within two business days and begin investigating.
• If the vulnerability is confirmed, HP will notify the submitter in a timely manner, begin working on remediation plans, and provide status updates to the submitter in a reasonable timeframe.
• HP will work with the submitter regarding a coordinated public release of the vulnerability so that updates are available to protect customers and minimize potential risks.

Any reports submitted which are not related to potential security vulnerabilities in HP supported software/firmware products will be forwarded to the appropriate organization within HP. However, forwarding a report will cause any response to be delayed. For all other issues, please use the Support and Troubleshooting web page to choose the contact best suited to your inquiry.

Please note that the HP PSRT is currently limited to inquiries and responses written in English.

Additional Information:

Contact HP worldwide (in English)

Link Public Key: HP encourages encrypted email of sensitive information via PGP

HP’s Coordinated Vulnerability Disclosure