Regulation ChangeLiveLive Regulation

Commission Implementing Regulation (EU) 2025/2392 published, specifying technical descriptions for Annex III/IV product categories

EU Cyber Resilience Act (CRA) — Annex III (Important products with digital elements)European CommissionEU

Announced

Dec 1, 2025

Description

The EU published Commission Implementing Regulation (EU) 2025/2392 in the Official Journal (OJ L, 1 December 2025). The implementing act sets out the technical descriptions of the categories of ‘important products with digital elements’ (CRA Annex III, Classes I and II) and ‘critical products with digital elements’ (CRA Annex IV). This is directly relevant to Annex III compliance because the clarified technical descriptions affect product classification, which in turn determines the applicable conformity assessment route and related compliance planning (e.g., whether stricter procedures apply for products falling under Annex III categories).

Sources

OfficialImplementing regulation - EU - 2025/2392 - EN
OfficialRegulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 ... (Cyber Resilience Act)

Commission Implementing Regulation (EU) 2025/2392 published, specifying technical descriptions for Annex III/IV product categories

Description

Sources

Get compliance alerts for EU Cyber Resilience Act (CRA) — Annex III (Important products with digital elements)