Skip to main content

Do you have questions regarding our company and our products and services? Our experts will be happy to help. 

Fresenius SE & Co. KGaA
Else-Kröner-Str. 1
61352 Bad Homburg
Germany

T: +49 6172 608-0

Postal address:
Fresenius SE & Co. KGaA
61346 Bad Homburg
Germany

How to get here (PDF, 2.19 MB) Route planner

Nick Stone
Senior Vice President Investor Relations
Head of Investor Relations
T: +49 (0) 6172 608-97033
nick.stone@fresenius.com

Karen Janek
Assistant Investor Relations
T: +49 (0) 6172 608-2487
karen.janek@fresenius.com

Silke Zimmermann
Assistentin Investor Relations
T: +49 (0) 6172 608-2464
silke.zimmermann@fresenius.com

Florian Feick
Vice President Investor Relations
Deputy Head of Investor Relations
T: +49 (0) 6172 608-5167
florian.feick@fresenius.com

Michael Otto
Director Investor Relations
T: +49 (0) 6172 608-2419
michael.otto@fresenius.com

Elisabeth Truckenbrodt
Director Investor Relations
T: +49 (0) 6172 608-2486
elisabeth.truckenbrodt@fresenius.com

Stefanie Drees
Director Investor Relations
T: +49 (0) 6172 608-5211
stefanie.drees@fresenius.com

Felix Klein
Senior Manager Investor Relations
T: +49 (0) 6172 608-96484
felix.klein@fresenius.com

Mara Sinsel
Senior Manager Investor Relations
T: +49 (0) 6172 608-96538
mara.sinsel@fresenius.com

Annette Hainz
Manager Investor Relations
T: +49 (0) 6172 608-2604
annette.hainz@fresenius.com

Elisabeth Jung
Manager Investor Relations
T: +49 (0) 6172 608-2419
elisabeth.jung@fresenius.com

Dennis Hofmann
Head of Corporate Communications
T +49 (0) 6172 608-96008
pr-fre@fresenius.com

Alexandra Graulich
Secretary Corporate Communications
T: +49 (0) 6172 608-2501
alexandra.graulich@fresenius.com

 
Contacts for Corporate Topics

Stefan Schmidt
T +49 (0) 175 45 43 556
stefan.schmidt@fresenius.com

Timo Lindemann
T +49 (0) 6172 608-7939
timo.lindemann@fresenius.com

Leif Heussen
T +49 (0) 6172 608-4030
leif.heussen@fresenius.com

Sabine Polte
T: +49 (0) 6172 608-2395
sabine.polte@fresenius.com

Sarah Greier
T: +49 (0) 6172 608-96215
sarah.greier@fresenius.com

 
Contacts for Fresenius Kabi

Nicole Weber
T +49 (0) 6172 686-2394
nicole.weber@fresenius.com

Tim-Arne Kuehrt
T +49 (0) 6172 686-4112
tim.kuehrt@fresenius.com

 
Contacts for Fresenius Helios

Steffen Rinas
T: +49 (0) 6172 608-6698
steffen.rinas@fresenius.com

Birgit Gugath
T +49 (0) 173 28 12 169
birgit.gugath@helios-gesundheit.de

Franziska Vallentin (on parental leave)
T +49 (0) 151 65 21 99 81
franziska.vallentin@helios-gesundheit.de

If you have questions regarding our application process or our career opportunities please contact us at karriere@fresenius.com.

You can find detailed contact information on our careers website.

For information on specific products and services, please directly contact our business segments:

Fresenius Kabi
Infusion therapy, clinical nutrition and transfusion technology

Fresenius Helios (German only)
Hospitals and health care prevention

Joachim Weith
Senior Vice President Governmental Affairs & Public Policy
T: +49 (0) 6172 608-2101
GAPP@fresenius.com

Daniela Eyrich
Team Assistant Governmental Affairs & Public Policy
T: +49 (0) 6172 608-2302
daniela.eyrich@fresenius.com

If you have any questions about sustainability, please contact us at the following address: sustainability@fresenius.com

 

Detailed information on sustainability can be found at Responsibility.

 

Contact form 

Still not found what you are looking for? Here you can send us a message.

For all press inquiries, please contact our Corporate Communications team.

 

Captcha
Please enter the characters shown in the image.

Sebastian Schlagwein
Head of Group ESG
T: +49 (0) 6172 608-2637
sebastian.schlagwein@fresenius.com

Florian Feick
Vice President Investor Relations
Deputy Head of Investor Relations
T: +49 (0) 6172 608-5167
florian.feick@fresenius.com

Silke Zimmermann
Assistentin Investor Relations
T: +49 (0) 6172 608-2464
silke.zimmermann@fresenius.com

Karen Janek
Assistant Investor Relations
T: +49 (0) 6172 608-2487
karen.janek@fresenius.com

The Fresenius Group consists of several independently operating business units.   Statements reflect analysis performed on products developed by one or several business units.  

2024

Publication Date : 10 April 2024
Update Date: -

Fresenius cybersecurity statement for devices tested against the "BLUFFS" vulnerability.

2023

Publication Date : 24 November 2023
Update Date: -

Fresenius cybersecurity statement for devices tested against the "CVE-2022-45611" vulnerability.

2022

Publication Date : 11 July 2022
Update Date: -

Fresenius cybersecurity statement for devices tested against the "MSDT Follina" vulnerability.

Publication Date : 29 June 2022
Update Date: -

Fresenius cybersecurity statement for devices tested against the "Access:7" vulnerability.

2021

Publication Date : 21 December 2021
Latest Update Date: 09 June 2022

Fresenius cybersecurity statement for devices tested against the "Apache Log4J" vulnerability.

Publication Date : 24 November 2021
Latest Update Date: -

Fresenius cybersecurity statement for devices tested against the "NUCLEUS:13" vulnerability.

Publication Date : 12 October 2021
Latest Update Date: -

Fresenius cybersecurity statement for devices tested against the "INFRA:HALT" vulnerability.

2020

Publication Date : 06 July 2020
Update Date: 09 July 2020

Fresenius cybersecurity statement for devices tested against the "Ripple20" vulnerability.

Submit a report

Do you want to be acknowledged by name in any published document about this vulnerability?
Have you shared this vulnerability with anyone (e.g., disclosed vs. not disclosed)

Vulnerability Details

Infusion Pump|ProductSecurity@fresenius.com,Mark.Weber@fresenius-kabi.com
Transfusions Pump|ProductSecurity@fresenius.com,Mark.Weber@fresenius-kabi.com
Nutritional Pump|ProductSecurity@fresenius.com,Mark.Weber@fresenius-kabi.com
Software|ProductSecurity@fresenius.com
Blood Collection Machine|ProductSecurity@fresenius.com,Mark.Weber@fresenius-kabi.com
Monitoring Solution|ProductSecurity@fresenius.com,Mark.Weber@fresenius-kabi.com
Other|ProductSecurity@fresenius.com

Contact

Fresenius SE & Co. KGaA
Else-Kröner-Str. 1
61352 Bad Homburg v.d.H.
Germany
cert@fresenius.com

Fresenius is a global health care group with products and services for hospital and outpatient care. With over 190.000 employees in more than 100 countries and annual sales of more than 22 billion euros, Fresenius is one of the world´s leading health care companies. Connecting medical devices via the internet to hospital networks, mobile products, and other devices or hospital systems also introduces potential cyber security and patient safety risks that must be addressed.

The Fresenius Group is committed to ensuring the security of our products and services for customers, donors and patients. To us, this means:

  • Protecting the security and safety of patients.
  • Complying with federal, territorial, state, and local laws.
  • Protecting the confidentiality, integrity, and availability (CIA) of information associated with Fresenius connected medical devices and information.

Across Fresenius business units we continuously strive to improve security and protect information throughout the product lifecycle. One way in which we do this is by collecting vulnerability reports through a formal CVD process.

At Fresenius, we believe industry collaboration is essential to making our products more secure by design. Whether our partners are customers managing the cyber security in their own environments, the cyber security research community helping us better research and evaluate emerging threats, or security vendors identifying practical security solutions, we appreciate the opportunity to work together.

We encourage vulnerability testing by security researchers and by customers, with responsible reporting to Fresenius. We maintain a product security page with information on coordinated vulnerability disclosure at Vulnerability Report Advisories.
 

What you can expect from us

  • We will confirm the existence of the vulnerability to the best of our ability and be as transparent as possible

  • We will maintain an open dialogue to discuss issues

  • We will not share your name or contact information without your permission

Questions

Questions regarding this policy may be sent to ProductSecurity@fresenius.com. We also invite you to contact us with suggestions for improving this policy.

 

Scope

This vulnerability disclosure program is:

  • applicable to all products manufactured and sold by the Fresenius Group
  • not applicable to Fresenius IT infrastructure including webpages

Guidelines

  • Notify us as soon as possible following the discovery of a real or potential cyber security issue
  • Make efforts to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction or manipulation of data
  • Only use exploits to the extent required to confirm a vulnerability´s presence, without compromising or exfiltrating data, establishing persistent command line access, or using the exploit to pivot to other systems
  • Provide us a reasonable amount of time to resolve the issue before you disclose it publicly

Reporting a vulnerability 

  • we accept vulnerability reports via our Coordinated Vulnerability Disclosure form. Reports may be submitted anonymously. If you share contact information, we will acknowledge receipt of your report within 7 business days.
  • we suggest operating these programs in a manner consistent with existing cyber security standards, specifically in regards to utilizing forms of encryption (e.g., hashing, PGP encrypted email). For paticulary sensitive information, submit trough out HTTPS web form. 
  • By submitting a vulnerability, you acknowledge that you have no expectation of payment and that you expressly waive future pay claims against Fresenius related to your submission. 

What we need from you 

To help us triage and prioritize submissions, we recommend that your reports:

  • Describe the situation the vulnerability was discovered and the potential impact of exploitation.
  • Provide a technical description of the potential vulnerability, including:
    • Available information on which specific product you tested, including product name and version number; the technical infrastructure tested, including operating system and version; and any relevant additional information, such as network configuration details or proof of concept.
    • For web-based services, provide the date and time of testing, URLs, the browser type and version, as well as the input provided to the application.
  • Submit disclosure in English, if possible.
  • Be aware that security testing may have side effects on the product that are not apparent. When in doubt, decommission the device and contact Fresenius.
  • Use a vulnerability only as needed to demonstrate it if identified.
  • Submit contact information for further exchange and communication.

Likewise, we require that you: 

  • Never perform security testing on devices actively being utilized for patient care delivery, diagnostics or monitoring, or on those systems that will be utilized for patient care delivery after your investigation.
  • Avoid testing that could impact patients and donors, cause a privacy issue, or damage equipment.
  • Engage in vulnerability testing within the scope of our vulnerability disclosure program in accordance with the terms and conditions of agreements entered between Fresenius and individuals.
  • Never build your own backdoor in an information system with the intention of then using it to demonstrate the vulnerability, as doing so can cause additional damage and create unnecessary cyber security risks.

With our interactive tool you can analyze and graph a variety of key figures of the Fresenius Group and the business segments on an annual basis.

With our interactive tool you can analyze and graph a variety of key figures of the Fresenius Group and the business segments on an annual and quarterly basis.

Subscribe to