FAMILY FLIGHT Stagex3 Big

Still looking for more information?

Contact us and we will be happy to answer your questions.

General inquiries for all the U.S. activities: AirbusInTheUS@webmaster-airbus.com

U.S. media inquiries: AirbusUSMedia@airbus.com

General contact information

Commercial Aircraft

2550 Wasser Terrace, Suite 9000

Herndon, Virginia, 20171, UNITED STATES 

Tel. +1 703 834 3400

Airbus Helicopters in the United States

2701 N. Forum Drive

Grand Prairie, Texas, 75052, UNITED STATES


Tel. +1 972 641 0000

Airbus U.S. Space & Defense

1525 Wilson Blvd, Suite 500

Arlington, Virginia, 22209, UNITED STATES


Tel.  +1 703 312 2300

Vulnerability disclosure guidelines

Safety and security of products, services or assets made by or belonging to Airbus are of utmost importance in our industry. We welcome any reports of potential vulnerabilities related to our products, services or assets that you may submit in good faith and in accordance with these guidelines. 

IMPORTANT: If you are a customer, supplier or contractor of AIRBUS products or services you should contact your Airbus business point directly rather than use this process. 

Safety First! 

AIRBUS is strongly committed to safety and security and therefore urges you to not do anything that could harm and damage yourself or others. 

How to report?

Send your English language report by encrypted email (please use the Airbus PGP public key) to: vuln@airbus.com as soon as possible after the discovery of the potential vulnerability together with the following information: 

  • Description of the vulnerability;
  • Details to reproduce;
  • Discovery timeline;
  • Related product, service or asset;
  • Your contact details including your PGP key.

We will acknowledge receipt of your report in a timely manner, usually within 72h. If you do not receive any acknowledgement receipt from Airbus within this timeframe, please re-submit your report to ensure we have received it. 

What’s about trust? 

We may need time to assess and fix any vulnerability. We rely on you to provide us with reasonable time before sharing or publishing any potential vulnerabilities to the public or third parties. Please keep in mind that any public disclosure or sharing of information concerning any unresolved vulnerability may cause harm and expose your responsibility. 

We respect the interests of the reporting party and anonymous reports are welcome. 

Note: AIRBUS does not operate a bug bounty program. We do, however, recognize reporting parties who have brought an acknowledged security vulnerability to our attention. AIRBUS is working to set up a public Hall of Fame. Only reporting parties who express a wish and authorization to be named will be listed in the Hall of Fame. 

Be ethical and compliant! 

The purpose of these guidelines is to ease the disclosure of potential vulnerabilities in an ethical way and in accordance with the law. They shall not be construed as a permission to infringe any law or to reverse engineer any code or other technology. 

Disclosure of any vulnerability will comply with the following principles: 

  • Do not cause any harm to AIRBUS, our customers, suppliers, partners or any other individuals or companies;
  • Do not act so as to compromise safety of our products, their operation and/or related services;
  • Do not infringe any applicable intellectual property rights or trade secrets, laws or regulations;
  • Do not lock, disclose, destroy or compromise integrity of Airbus’ and Airbus’ customers and partners’ data;
  • Do not turn a financial transaction into a precondition to the disclosure of potential vulnerability;
  • Do not breach any applicable data privacy laws and regulations.