Source: OJ L 2024/2847, 20.11.2024
ENRecital 74 Voluntary notification of vulnerabilities and incidents
Manufacturers means a natural or legal person who develops or manufactures products with digital elements or has products with digital elements designed, developed or manufactured, and markets them under its name or trademark, whether for payment, monetisation or free of charge; and other natural and legal persons should be able to notify to a CSIRT designated as coordinator means a CSIRT designated as coordinator pursuant to Article 12(1) of Directive (EU) 2022/2555. or ENISA, on a voluntary basis, any vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; contained in a product with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately;, cyber threats means a cyber threat as defined in Article 2, point (8), of Regulation (EU) 2019/881; that could affect the risk means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; profile of a product with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately;, any incident having an impact on the security of the product with digital elements means an incident that negatively affects or is capable of negatively affecting the ability of a product with digital elements to protect the availability, authenticity, integrity or confidentiality of data or functions; as well as near misses that could have resulted in such an incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555;.