PSTI user information

The Product Security and Telecommunication Infrastructure (PSTI) Declaration of Compliance

From 29 April 2024, manufacturers of consumer connected (or 'Smart')   devices must comply with new UK law.

The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed to provide ongoing protection against cyber attacks.

The  PSTI act means manufacturers must ensure that all their smart devices meet basic cyber security requirements. Specifically:

• The manufacturer must not supply devices that use default passwords, which can be easily discovered online, and shared.  
• The manufacturer must provide a point of contact for the reporting of security issues  
• The manufacturer must state the minimum length of time for which the device will receive important security updates.  

Vulnerability Reporting

How to report a vulnerability with Viessmann’s connected devices and online services such as ViCare and ViGuide.

Do you believe you have found a vulnerability with our connected devices (e.g. ViCare)?

You should contact Viessmann Limited via our contact form below

Report the vulnerability

• Please provide details of your experience and why you believe there to be a vulnerability in the security of our software here  and choose the "ViCare" option

Vulnerability reporting guidelines

• Please do not share the vulnerability information beyond Viessmann, without express consent from Viessmann Limited

• To submit your report, you will need to agree to the Viessmann Terms and Conditions and acknowledge that you have read the Privacy Policy and Disclosure Guidelines.

• Once you have submitted the report, it will be assessed by our team within five working days

• The affected owner (Viessmann) holds responsibility for resolving the issue.

To report an issue please use contact Viessmann Limited via our  contact form  and choose the "ViCare" option