Home / Company / Ensuring IoT Device Security / Report an Issue
For general security inquiries or to report a security issue in any Semtech (formerly Sierra Wireless) product, please email security@sierrawireless.com.
Please do not include any vulnerability details in your initial email. We request the reporter keep any communication regarding the vulnerability confidential. Within 2 business days, you will receive a response using the contact information provided to arrange a secure environment for sharing information. Status updates will be provided to the submitter at least once every two weeks until an agreed-upon resolution is reached.
To help us evaluate your submission as quickly as possible we request that you include the following information, if available:
When we issue an advisory to disclose security vulnerabilities and related code modifications, we will identify the reporter to give credit for their discovery, unless the reporter requests otherwise.
Legal Posture
We accept reports for all of our systems and products. We will not pursue legal action against individuals who report potential vulnerabilities to us, provided they act in good faith and in a manner consistent with responsible practices for vulnerability detection and reporting. We will generally consider your activities to be in good faith and responsible if you meet all of the following criteria:
Semtech may amend or modify our policies relating to vulnerability reporting at any time, without notice.
*NOTE* Semtech does not currently operate a bug bounty program and does not issue payment for submissions.