Carrier is committed to the security of our building automation and controls. We investigate all reports of security vulnerabilities affecting our products. If you believe you have found a security vulnerability in one of our products, please send an e-mail to product security.
NOTE: When reporting a vulnerability, please do not transmit sensitive information to the e-mail address provided above. You should receive a confirmation of our receipt of your e-mail or similar response within 48 hours. Our response will include additional information to enable secure communication. Please follow up with us if you have not received a response within this time frame.
Please use our general inquiries form for all product inquiries and other correspondence unrelated to product security vulnerabilities.
Security Best Practices Checklists for Building Automation Systems (BAS)
Customers – please download Security Best Practices Checklists for Building Automation Systems (BAS) (for i-Vu Pro) or Security Best Practices Checklists for Building Automation Systems (BAS) (for i-Vu Standard/Plus) to ensure that you are following our best practices installation guidelines for protecting your building automation system.
It is extremely important that your i-Vu BAS is updated with the latest security update. The table below lists current i-Vu models and versions and their current update:
|i-Vu Model||Version 7.0 Update||Version 8.0 Update|
|i-Vu Standard and Plus||November 16, 2020 Cumulative Update||N/A|
|i-Vu Pro||November 3, 2021 Cumulative Update||December 6, 2021 Cumulative Update|
To check your current version of i-Vu select 'about i-Vu' from the dropdown menu:
In the resulting pop-up window, search for cumulative updates by hitting Ctrl-F and typing 'cumulative' in the search box:
If you don’t have the update listed in the table above, contact your local Carrier representative to obtain it.
Carrier products and services are also covered under Carrier’s Global Product Security Program, which ensures that products and services manufactured and supported by Carrier are subject to robust secure development and process control requirements that comply with commercially appropriate cybersecurity standards of compliance. The Carrier Way for product security means proactive focus, best practices, comprehensive support and the domain expertise to strengthen and ensure the resiliency and stability of our offerings.