Please report any vulnerabilities you discover that are not yet publicly known, if they are:
- high-impact vulnerabilities that may affect many users, critical national infrastructure or physical safety and could occur in software components, protocols or hardware
- vulnerabilities in websites or systems for big business or government entities.
Coordinating the disclosure of vulnerabilities can minimise the potential harm caused by those vulnerabilities being exploited.
This disclosure will give vendors and developers more time to mitigate the vulnerabilities and enable affected systems of national interest to reduce their exposure.
The Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) has developed a secure process to enable reporting of a vulnerability.
Fill in your contact details below and a member of the ASD’s ACSC will contact you to proceed with the process and provide information about the secure email certificate.