Security Features
Sennheiser products are built around the needs of our cherished AV and IT professional users. We are continuously evaluating and evolving our products to make sure we offer all essential security features. The following features are gradually rolled out in parts of our portfolio and will be available in all new relevant solutions.
 
Encryption for Confidentiality
To meet the increasing demand for security in AV and IT projects, Sennheiser developed the secure 
Sennheiser Sound Control Protocol for secure control of our devices. It is an encrypted REST API allowing the user to control the device using 
HTTPS commands and integrate products in every IT environment. It offers end-to-end security, utilizing 
TLS.
 
Selected wireless microphone products support wireless link encryption, and some also support Dante Media Encryption — both based on AES 256. This encryption standard is recommended by NIST and widely used across industries including AV. Support for Dante Media Encryption will also be extended to our ceiling microphones and TeamConnect Bars in the near future.
 
Authentication and Authorization for Access Control
Sennheiser implements authenticated methods on our devices and software, to ensure that only authenticated users can access the devices on the network and that devices are secured end-to-end.
- Most Sennheiser software solutions which are accessible on the network, are password protected by default.
 
 
- All the latest Sennheiser devices must be claimed and password protected before allowing configuration or monitoring.
 
 
- 3rd party integrations are disabled by default. They must be explicitly enabled, authorized by the user and authenticated in the 3rd party module.
 
 
- 802.1x is supported to allow IT professionals the state-of-the-art control mechanism for network authentication. It allows the configuration of which devices can communicate on their internal networks.
 
 
Firmware updates
- All network connected Sennheiser devices are updatable, thus ensuring that future vulnerabilities can be resolved by providing security patches.
 
 
- The devices utilize a secure firmware update, ensuring that only authorized firmware is executed.
 
 
- Sennheiser monitors for vulnerabilities and aims to provide security patches in a timely manner. Please always keep your systems up-to-date.
 
 
Advanced networking options
Sennheiser provides multiple network ports on our products to allow IT and AV professionals to utilize network isolation. In complex customer networks, the Sennheiser device can be connected to separate networks, isolating control from media communication.
 
For security sensitive applications and additional flexibility, customers also have the option to use analog audio on selected products and disconnect their devices from the network altogether.
 
 
Vulnerability Handling Policy
 
If you want to report a vulnerability in a Sennheiser product
 
Our vulnerability handling process
- Sennheiser has a dedicated product security team which, upon discovering internally or receiving a reported vulnerability, will investigate and determine its applicability, severity and impact.
 
 
- Sennheiser responds within 7 working days upon receiving reported vulnerabilities and will provide updates on the status of confirmed vulnerabilities in a timely manner
 
 
- In case it is applicable, the vulnerability and fixing proposals are coordinated with the respective development team.
 
 
- The security update will be communicated in the firmware and software release notes.  Severe vulnerabilities will also be communicated on the product website.
 
 
- Customers are urged to check the release notes and to always keep their systems up to date.
 
 
- Sennheiser is committed to fix and communicate vulnerabilities in a timely manner.