Our Bug Bounty programme supports the reporting and quick elimination of security gaps (bugs) in our products and services. We invite both private individuals and organisations to report weak points to our Computer Security Incident Response Team (CSIRT).
Please report any security vulnerability directly on our portal:
For any other inquiries regarding the Bug Bounty programme please contact us by e-mail:
PGP key id | EACE7621 |
PGP fingerprint | 0D9E 4E7C AA3D 666F 7AA8 2126 FA1E 1D53 EACE 7621 |
PGP public key | public key |
Postal address |
Swisscom (Switzerland) Ltd GSE-CYD Alte Tiefenaustrasse 6 CH-3048 Worblaufen |
Your report must contain all the information we need to confirm the vulnerability. This includes:
Reports about the following issues and systems are considered irrelevant:
All those involved in the collaboration between Swisscom and the security community observe the following rules:
Swisscom's understanding of responsible disclosure:
Swisscom CSIRT bears responsibility for a standardised procedure that accepts externally reported security vulnerabilities, remediates and publishes them in a coordinated manner as appropriate.
ID | Product concerned | Credits |
---|---|---|
CVE-2020-16134 |
Swisscom Internet-Box | Martin Jindra – digi.ch GmbH |
CVE-2019-19940 CVE-2019-19941 CVE-2019-19942 |
Swisscom Centro Grande, Swisscom Centro Business |
Cyril Mueller |
SCBB-2986 | Tufin Secure Change | Raphaël Arrouas |
SCBB-2629 | Swisscom Internet Box | Matthias Galliker |
CVE-2018-16596 | Swisscom Internet-Box | Michael Mazzolini – GoldNetwork |
myStrom WiFi Product Line | Jan Almeroth (@almeroth) | |
CVE-2018-13108 | Centro Business (ADB) | Johannes Greil (Office Vienna), SEC Consult Vulnerability Lab |
CVE-2018-6765 | Swisscom MySwisscomAssistant | Kushal Arvind Shah, Fortinet FortiGuard Labs |
CVE-2018-6766 | Swisscom TVMediaHelper | Kushal Arvind Shah, Fortinet FortiGuard Labs |
CVE-2016-10042 | Swisscom Internet Box (Arcadyan) | Mateusz Khalil |
2016-6270433 | Swisscom DSL Router Centro Grande (ARRIS/Motorola) | Matthias Galliker |
CVE-2015-6498 | Home Device Manager, Alcatel-Lucent | Dr. Ulrich Fiedler, BFH-TI Biel/Bienne |
CVE-2015-1188 | Swisscom DSL Router Centro Grande (ADB), ADB | Ivan Almuina |
CVE-2015-1187 | D-Link DIR636L, D-Link | Tiago Caetano Henriques |
CVE-2014-3809 | 1830 Photonic Service Switch, Alcatel-Lucent | Stephan Rickauer |