You are here

Report Security Vulnerabilities | Cypress Semiconductor

Report Security Vulnerabilities

Cypress takes security very seriously. If you have identified a security vulnerability in any Cypress product or system, please contact us immediately at We would like to hear from you and acknowledge your contribution to improving our products!

Security and vulnerability information is extremely sensitive. We request that you encrypt your email using the PSIRT PGP/GPG key below.


  • Fingerprint: DBA2 F9FE 3494 B0D3 B089 03E9 9ABE CCCF 5040 64C6
  • PGP/GPG key: Key

You can download PGP/GPG software to encrypt your email from GnuPG (free).

For maximum security, only download the key from this page. Keys downloaded from other sites may be prone to tampering.

Frequently Asked Questions

Q. What constitutes a security vulnerability?

A. A security vulnerability is a computer-system weakness that can be exploited to perform unauthorized actions.

Q. When reporting a security vulnerability, what information should I provide?

A. To report a security vulnerability in Cypress products or systems, please send an email to Please specify how you encountered the problem, what products were used, the dates they were purchased, and provide any other relevant details. For technical support, please visit the Cypress Developer Community.

Q. How soon after reporting a vulnerability can I expect a response from Cypress?

A. You should receive an immediate automated response acknowledging receipt of your email. The Cypress response team will then follow up with you within 24-72 hours.

We Appreciate your Support

Security threats are constantly changing and evolving, and Cypress is committed to continuously improving its security strategy. We appreciate your support in helping us to build secure solutions for our customers and partners.