Search
  • Find a store
  • My wishlist
  • My Basket My Basket

Product Security and Compliance

Product Security Support Policy

We try to provide constant security updates for our IoT products. Security updates usually include the latest security patches, security vulnerability repairs, and other security improvements. We will maintain security updates for some device models for at least 4 years from the date of release.
 *The corresponding security support period for the product will not be shortened on this basis. We will announce the new support period if it is extended.

List of products supporting security updates:
STIGA Robot mowers with Vista technology 
A 6v 
A 8v 
A 10v 
A 15v
A 25v
A 50v 
A 100v 
A 140v

We publish and update the list of products that do not support security updates below on a regular basis to help you check whether your device will still receive security updates.

List of products that have been discontinued from security updates
Below is a list of products for which we no longer provide security updates. This means that we no longer provide any software or firmware updates (including security updates) for them and may no longer respond to security vulnerability reports for such products.

Updated: 10/12/2024
*Disclaimer:
1. The information on this page is for reference only. Actual situations vary depending on the security updates received by your device.
2. Security patch delivery times may vary by region and model.
3. Certain patches received from chipset vendors (also known as device-specific patches) may not be included in this month's security updates. We will include them in security updates as soon as possible.
 4. Security update policies and devices are subject to change and will be reviewed regularly.

Vulnerability Disclosure Policy

Vulnerability Reporting

How to Report a Vulnerability
Report suspected vulnerabilities
Security researchers, industry organizations, customers and suppliers are encouraged to work with us and report security vulnerabilities related to Stiga products and services.


Vulnerability reporting email
If you encounter or discover security issues in Stiga products and services, please report them to us by sending an email to callcentre@stiga.com.

 

Reporting email

Note

Email: callcentre@stiga.com

Email subject line: Vulnerability name (for example, XXX product's XXX vulnerability)

 

The body text of the email can follow the format below, or you can choose the necessary information to send.
1) Name of the reporting individual or organisation, and contact information
2) Vulnerability descriptions (vulnerability type and its threat)
3) Affected products and their versions
4) Technical details of potential vulnerabilities, proof of exploitation, and proof of concept (POC)
5) Suggestions for enhancing and fixing security
6) Possible vulnerability disclosure plan


Vulnerability Response

STIGA values the vulnerability management of its products and services, supports responsible vulnerability disclosure and handling processes, and respects the research output of every security researcher. We will assign dedicated personnel to follow, analyse and handle each security issue that is reported to ensure that there is a timely resolution and response. We will send an email with the initial feedback within five working days. We will continue to follow up and provide updates on the vulnerability resolution progress until the fix is completed.
 * Note: The actual time of response to the vulnerability may vary depending on its risk level and complexity.


Vulnerability awareness: Take the initiative to monitor and receive the potential security vulnerabilities and issues that are reported, and remain in contact with the vulnerability reporters.

Vulnerability verification: Verify whether potential security vulnerabilities and problems affect the security of our products, assess risks, and inform users about the rectification timeline and vulnerability levels.

Fixing vulnerabilities: Develop plans for mitigating the risks of and fixing vulnerabilities, verify the results of the vulnerability fix, and provide product upgrade packages or patches.

Vulnerability disclosure: Disclose vulnerability information when workarounds and patches are available (or when new releases are launched).
Problem improvement: After the vulnerability is disclosed, we will monitor the effectiveness of the remedy, collect customer feedback and suggestions, and update the patch/upgrade the package if necessary. STIGA will also keep improving product development and vulnerability handling processes.


Throughout the vulnerability handling process, we will strictly control the scope of the vulnerability information and limit its dissemination to only the relevant personnel involved in the vulnerability remediation. We also request that the vulnerability reporter promise to keep the vulnerability information confidential until a complete resolution is provided to the users.

We will take the necessary and reasonable measures to protect the vulnerability data that we obtain based on legal compliance. STIGA will not voluntarily share or disclose the above data to other parties unless expressly requested to by the affected customer or if required by law.

STIGA PSTI Statement of Compliance (SoC)

Information on the compliance of our products with the Product Security and Telecommunications Infrastructure (PSTI) Act 2022

What is a PSTI Statement of Compliance?
A PSTI Statement of Compliance (SoC) is a document that confirms that a product meets the requirements of the PSTI Act. The Act sets security standards for certain types of products that can be connected to the internet.

Why is PSTI compliance important?
PSTI compliance is important to ensure the safety of consumers and businesses. It helps to protect products from cyberattacks and other security risks.

We will provide updates and patches to address any security vulnerabilities that may be identified in the product for at least the duration of the support period specified.

STIGA Product

PDF

Robot Vista models A 6v, A 8v, A 10v, A 15v, A 25v, A 50v, A 100v, A 140v

  

In the table above, you will see STIGA products sold in the UK that fall under the scope of the PSTI policy, along with corresponding links to download the PSTI compliance statement.

We value your feedback. If you wish to report possible security vulnerabilities in our products, please refer to the process outlined on this webpage. 
If you need to inquire about the service expiration dates for related products, please refer to the customer service contact you find above.

Subscribe to our newsletter!
  • Receive 10% discount on your first order 
  • Stay up to date on all our products
  • Be the first to hear about offers and discounts

Free Delivery
Only on selected models

White glove service
Premium delivery

Payments

Spread the cost

How big is your Garden?
Draw around your lawn on the map to find the most suitable products.
Zoom in on your property. Click or tap to draw a path around your garden to measure the area.