Report a Vulnerability

Researchers who report vulnerabilities do so voluntarily and without expectation of compensation.

Scope:

The policy applies to all potential software and/or hardware vulnerabilities reported through this website, whether in our  IT systems or products.

What we do with your report:

Aptiv’s policy is to contact individuals that have reported a potential vulnerability within 48 hours of a report. Please read our Privacy Statement to learn more.

Aptiv Product Security Operations Center (“PSOC”) handles Incident Response and Vulnerability Management on Aptiv Products, Aptiv Security Operations Center (“SOC”) Handles the same activities on Aptiv owned infrastructure.

PGP KEY