Devolo

Cyber security

For devolo, the security of our products and solutions is a top priority and a fundamental and ongoing task.


We are in constant dialogue with external experts and organizations, and we continuously monitor current developments of the information and communications technology.

Report a security vulnerability

  1. If you think that you have found a potential security vulnerability in the firmware of our products or on our website, please send a message to: product-security@devolo.de.
  2. To ensure secure communication of sensitive information, please encrypt your email using our GPG key (finger print: DFD5 2E75 E634 B11C 8D56 CB10 753F B99A E01F 5C96). Please note that we only exchange sensitive information in this manner.
  3. We will respond to vulnerability reports as soon as possible—usually within ten business days.
  4. Once the vulnerability has been identified, we will develop and implement a remediation plan to fix the security vulnerability. Remediation typically takes up to 90 days, in some cases it may take longer.
  5. All security solutions can be found under Current safety information.


For technical questions or support concerning our devolo products, please contact our support team.

Current safety information

Date & ID

Description

Affected products

Date: 2022-01-05

Log4Shell log4j security issue

None of the devolo products use Java, hence no devolo product is affected by Log4Shell. The devolo online services do not make use of log4j, so they are also not affected by Log4Shell.

No devolo product is affected by Log4Shell

Date: 2021-12-16

ID: dSA-211102

Use of Insecure WPS Default Setting

Security vulnerability in devolo WiFi products due to use of insecure WPS default setting

Further Information: Download

  • Magic 2 WiFi 6
  • Magic 2 WiFi next
  • Magic 2 WiFi
  • Magic 1 WiFi
  • Magic 1 WiFi mini
  • dLAN 1200+ WiFi ac
  • dLAN 550+ WiFi
  • dLAN 550 WiFi
  • dLAN WiFi Outdoor
  • WiFi Repeater+ ac

Date: 2021-05-12

ID: dSA210511

FragAttacks

Multiple security vulnerabilities in the WiFi Stack of several devolo products

Further Information: Download

Further Information: Download (BSI-Cyber-Sicherheitswarnung)

  • Magic 2 WiFi next
  • Magic 2 WiFi 2-1
  • Magic 1 WiFi 2-1
  • Magic 1 WiFi mini
  • dLAN 1200+ WiFi ac
  • dLAN 1200+ WiFi n
  • dLAN 550+ WiFi
  • dLAN 550 WiFi
  • dLAN 500 WiFi
  • dLAN WiFi Outdoor
  • WiFi Repeater+ ac
  • WiFi Repeater ac
  • WiFi Repeater n
  • GigaGate
  • Access Point One

Date: 2020-12-08

ID: dSA-201101

IP Stack dLAN GreenPHY

Several vulnerabilities in the IP stack of the dLAN GreenPhy SDK and dLAN GreenPhy Bootloader

Further Information: Download

  • dLAN GreenPhy Module
  • dLAN GreenPhy SDK