Fastwarm® Product Security & Vulnerability Reporting

Fastwarm® is committed to ensuring the security of our connected underfloor heating products, including WiFi thermostats, app-connected control systems, and any other relevant connectable devices supplied in the United Kingdom.

We follow recognised best practices to maintain the safety, reliability, and cybersecurity of our products. If you identify a potential security vulnerability, we encourage you to report it so we can investigate and address the issue promptly.

Report a Security Issue

If you believe you have discovered a security vulnerability in any Fastwarm® connectable product, please contact our Product Security Team using the details below.

Contact Option

This inbox is monitored daily by Fastwarm®’s technical support team and is dedicated to receiving security vulnerability reports.

Fastwarm® provides this reporting channel in accordance with the Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023.

What Happens Next?

When you submit a security report to Fastwarm®, you can expect the following process:

1. Acknowledgement of Receipt

We will acknowledge receipt of your security report within 2 business days.

2. Initial Assessment and Status Updates

  • An initial triage or status update will be provided within 7 days of receipt.
  • Ongoing status updates will be provided at least every 30 days until the investigation is complete and the issue has been resolved or formally closed.

3. Final Resolution

Once the issue has been resolved, Fastwarm® will notify you and provide:

  • The outcome of the investigation
  • Details of any corrective actions taken (where appropriate)
  • Confirmation that the case has been closed

This process follows the principles of Coordinated Vulnerability Disclosure (CVD).

Which Products Does This Cover?

This security reporting process applies to all Fastwarm® relevant connectable products, including but not limited to:

  • Fastwarm® WiFi 2.0 Thermostat (ET-63W)
  • Any other Fastwarm® smart or internet-connected control system sold in the UK

Security Update Support Period

Fastwarm® will provide security updates for all relevant connectable products for a minimum period of:
3 years from the date the product is first supplied in the United Kingdom.

This defined support period is published in accordance with the PSTI Regulations.

During this period, security updates will be made available when required to address identified vulnerabilities.

Information on security updates and expected end-of-support dates is published alongside this page and in Fastwarm®’s Statement of Compliance.

Our Commitment to Product Security

Fastwarm® manages product security in line with recognised international standards and best practices, including:

  • Coordinated Vulnerability Disclosure (CVD)
  • ETSI EN 303 645 – Cybersecurity for Consumer Internet of Things
  • ISO/IEC 29147 – Vulnerability Disclosure
  • ISO/IEC 30111 – Vulnerability Handling Processes

We are committed to maintaining the security, safety, and performance of our smart heating products throughout their defined security update support period.

Need Additional Support?

If your enquiry is not related to product security or vulnerability reporting, please contact our Technical Support Team for general product, installation, or usage assistance.