Product security at onsemi is coherent with our commitment to quality & customer focused approach. We strive to address security incidents in a systematic way and communicate vulnerabilities and mitigation in a timely manner.
A weakness is a defect or characteristic that can lead to undesirable behavior. A security vulnerability is a weakness in an onsemi product that can be exploited or triggered by a threat source. If you have discovered a potential security vulnerability in an onsemi product or service, please contact the Product Security Incident Response Team (PSIRT) at firstname.lastname@example.org using English language. After your incident report is received, the appropriate personnel will contact you to follow-up.
Please include the following information with your initial report:
We acknowledge that product vulnerability information can be highly sensitive. Therefore, upon receipt of an email to email@example.com, we will respond with a method to upload sensitive information to us.
Note 1: PSIRT only handles product or service security vulnerabilities. It is not meant for technical support or general queries or information on our products or services. All content other than security vulnerabilities in our products or services will not be analyzed further by PSIRT. For technical and customer support inquiries, please visit our Support page.
On receipt of a potential vulnerability email, we follow the vulnerability management process:
Acknowledgement: onsemi attempts to acknowledge receipt of submitted reports within 48 hours.
Evaluation: The reported vulnerability will be evaluated to understand if there is an issue, analyzed and set a priority to manage valid issues. At this stage, we may come back to the reporter for any missing information or if further clarification needed.
Solution: At this stage, we investigate potential solutions and mitigations to address the issue.
Communication: Once a solution is available (fix or mitigation), onsemi will communicate back to the reporter and discuss responsible disclosure measures.
onsemi intends to notify the affected customers, when appropriate, about the vulnerability either through targeted notifications to affected customers or through public communication.
Hello, your current browser settings are preventing us from processing your submission. You can adjust your browser settings and reload the page or you can submit an email directly to firstname.lastname@example.org
You might also try the following:
Thank you for submitting the contact sales form. Your request is on its way to our sales support team!
We thank you for your interest in onsemi and are working on your request. Our sales support team will respond to your request within two business days.