Home
Quality & reliability
Quality
TI PSIRT

TI PSIRT

About TI PSIRT

At TI, we prioritize the security of our products. While no product or system can be guaranteed 100% secure, we are committed to identifying and addressing potential vulnerabilities quickly and responsibly. 

The TI Product Security Incident Response Team (PSIRT) manages the process of receiving, investigating, and responding to security vulnerability reports related to our semiconductor products - including hardware, software, and documentation.

To view public information on known security vulnerabilities and available mitigations, log in to the Product security advisory portal.

How to report a potential security vulnerability

If you've discovered a potential security vulnerability affecting TI products or software, you can submit a report through the Product security advisory portal (login required).
 

  • Reports must be submitted in English. 
  • After submission, TI will confirm receipt in a timely manner.
     
Report a potential security vulnerability

Report handling process

Once a report is submitted, TI follows the following steps to evaluate and respond:

  1. Notification: TI becomes aware of a potential security vulnerability.
  2. Initial triage: TI assesses whether a TI product may be affected and whether enough information has been provided.
  3. Technical analysis: TI investigates the potential vulnerability in greater depth.
  4. Remediation: TI takes appropriate action to address any verified vulnerabilities.
  5. Disclosure: When appropriate, TI discloses details about the verified vulnerability and provides remediation guidance (e.g., in a security advisory).

Note: TI will use the Common Vulnerability Scoring System (CVSS) v3.0 to prioritize the issue for analysis and remediation. A Common Vulnerabilities and Exposures (CVE) ID may also be assigned, as needed. 

Responsible handling policy

TI PSIRT follows a responsible handling policy, based on the CERT® Guide to Coordinated Vulnerability Disclosure.

Before submitting a report, review our policy to understand what to expect from TI and what TI expects from you as a reporter.

Preparing for the EU Cyber Resilience Act (CRA)

TI is closely tracking the development of the CRA - new EU legislation that sets product security and vulnerability disclosure requirements. 

We are updating our processes to align with the CRA before September 11, 2026, when reporting obligations take effect.

Learn more about our CRA commitment.

If you're unable to use the Product security advisory portal, you can report a vulnerability by contacting TI PSIRT directly at psirt@ti.com.