Vulnerability Response and Disclosure

Security researchers, customers, vendors, and industry partners can report Xylem product security vulnerabilities to Xylem recommends that you encrypt confidential information sent to Xylem via email with PGP encryption; the Xylem PSIRT public key is available here.

Vulnerability Reporting

When reporting a vulnerability, please include the following information:

  • Product name and version
  • Description of the potential vulnerability
  • Any special configuration required to reproduce the issue
  • Step by step instructions to reproduce the issue
  • Proof of concept or exploit code, if available
  • Potential impact
  • Any other relevant information

Subscribe to our newsletter or receive notifications on Xylem Security Advisories