PSTI user information
The Product Security and Telecommunication Infrastructure (PSTI) Declaration of Compliance
From 29 April 2024, manufacturers of consumer connected (or 'Smart') devices must comply with new UK law.
The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed to provide ongoing protection against cyber attacks.
The PSTI act means manufacturers must ensure that all their smart devices meet basic cyber security requirements. Specifically:
- The manufacturer must not supply devices that use default passwords, which can be easily discovered online, and shared.
- The manufacturer must provide a point of contact for the reporting of security issues
- The manufacturer must state the minimum length of time for which the device will receive important security updates.
Vulnerability Reporting
How to report a vulnerability with Viessmann’s connected devices and online services such as ViCare and ViGuide.
Do you believe you have found a vulnerability with our connected devices (e.g. ViCare)?
You should contact Viessmann Limited via our contact form below
Report the vulnerability
Please provide details of your experience and why you believe there to be a vulnerability in the security of our software here and choose the "ViCare" option
Vulnerability reporting guidelines
Please do not share the vulnerability information beyond Viessmann, without express consent from Viessmann Limited
To submit your report, you will need to agree to the Viessmann Terms and Conditions and acknowledge that you have read the Privacy Policy and Disclosure Guidelines.
Once you have submitted the report, it will be assessed by our team within five working days
- The affected owner (Viessmann) holds responsibility for resolving the issue.
To report an issue please use contact Viessmann Limited via our contact form and choose the "ViCare" option