At Sennheiser, we prioritize our customers' security and are dedicated to being a dependable and trustworthy partner. We are committed to addressing the security needs of our customers, particularly our corporate and higher education clients, while staying ahead of upcoming security regulations. Our security features are being progressively integrated into our portfolio and will be included in new relevant solutions.
Security Features
Sennheiser products are built around the needs of our cherished AV and IT professional users. We are continuously evaluating and evolving our products to make sure we offer all essential security features. The following features are gradually rolled out in parts of our portfolio and will be available in all new relevant solutions.
Encryption for Confidentiality
To meet the increasing demand for security in AV and IT projects, Sennheiser developed the secure Sennheiser Sound Control Protocol for secure control of our devices. It is an encrypted REST API allowing the user to control the device using HTTPS commands and integrate products in every IT environment. It offers end-to-end security, utilizing TLS.
Selected wireless microphone products support wireless link audio encryption, based on AES 256. This standard is recommended by NIST and widely used in multiple industries including AV
Authentication and Authorization for Access Control
Sennheiser implements authenticated methods on our devices and software, to ensure that only authenticated users can access the devices on the network and that devices are secured end-to-end.
- Most Sennheiser software solutions which are accessible on the network, are password protected by default.
- All the latest Sennheiser devices must be claimed and password protected before allowing configuration or monitoring.
- 3rd party integrations are disabled by default. They must be explicitly enabled, authorized by the user and authenticated in the 3rd party module.
- 802.1x is supported to allow IT professionals the state-of-the-art control mechanism for network authentication. It allows the configuration of which devices can communicate on their internal networks.
Firmware updates
- All network connected Sennheiser devices are updatable, thus ensuring that future vulnerabilities can be resolved by providing security patches.
- The devices utilize a secure firmware update, ensuring that only authorized firmware is executed.
- Sennheiser monitors for vulnerabilities and aims to provide security patches in a timely manner. Please always keep your systems up-to-date.
Advanced networking options
Sennheiser provides multiple network ports on our products to allow IT and AV professionals to utilize network isolation. In complex customer networks, the Sennheiser device can be connected to separate networks, isolating control from media communication.
For security sensitive applications and additional flexibility, customers also have the option to use analog audio on selected products and disconnect their devices from the network altogether.
Vulnerability Handling Policy
If you want to report a vulnerability in a Sennheiser product
- Please use the form: https://help.sennheiser.com/hc/en-us/requests/new
- Select “I want to report a security issue with a product or software”
Our vulnerability handling process
- Sennheiser has a dedicated product security team which, upon discovering internally or receiving a reported vulnerability, will investigate and determine its applicability, severity and impact.
- In case it is applicable, the vulnerability and fixing proposals are coordinated with the respective development team.
- The security update will be communicated in the firmware and software release notes. Severe vulnerabilities will also be communicated on the product website.
- Customers are urged to check the release notes and to always keep their systems up to date.
- Sennheiser is committed to fix and communicate vulnerabilities in a timely manner.
