BMW GROUP. SECURITY.

The security of our products and services is top priority for us – so we naturally respect and appreciate the work of security experts in this area. You can also help us by identifying vulnerabilities so we can address them.

If you discover a vulnerability, please contact us.
Always ensure that your message is encrypted.
You can use our PGP key for this purpose and add your public PGP key in return.

Notes on how to report vulnerabilities:

• Please write your correspondence in English or German, if possible.
• Please provide your name and contact information.
• So that we can understand your report quickly and efficiently, please include a proof of concept and a detailed description.
• Please give us time to develop and roll out countermeasures, before you make technical details public (Responsible Disclosure).
• Common vulnerabilites are excluded.

We will try to respond to your message and provide you with feedback within two to three business days. 

The BMW Group wishes to thank and acknowledge the security experts who are the first to identify vulnerabilities. Thanks to their support and the countermeasures developed by us, we continue to enhance the security of our products and services.