Vulnerability Reporting

Report a Security Vulnerability

Honeywell investigates all reports of security vulnerabilities affecting Honeywell products and services. If you are a security researcher and believe you have found a security vulnerability, please send an e-mail to us at with as much of the below information as possible. This information will help us to better understand the nature and scope of the possible issue.

  • Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
  • Product and version that contains the bug
  • Service packs, security updates, or other updates for the product you have installed
  • Any special configuration required to reproduce the issue
  • Step-by-step instructions to reproduce the issue
  • Proof-of-concept or exploit code
  • Impact of the issue, including how an attacker could exploit the issue

To encrypt your message to our PGP key, please download it from here.

You should receive a response within 24 hours. If for some reason you do not, please follow up with us to ensure we received your original message.

For the purpose of submission, a security vulnerability is defined as a software defect or weakness that can be exploited in a cyber attack to reduce the operational or security assurances provided by the software.