Airbus
Company Details
Linkedin ID:
airbusgroup
Website:
Employees number:
84,573
Number of followers:
2,763,524
NAICS:
3364
Industry Type:
Homepage:
airbus.com
IP Addresses:
81
Company ID:
AIR_2222341
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Airbus Vendor Cyber Rating & Cyber Score
airbus.comAirbus pioneers sustainable aerospace for a safe and united world. The Company constantly innovates to provide efficient and technologically-advanced solutions in aerospace, defence, and connected services. In commercial aircraft, Airbus designs and manufactures modern and fuel-efficient airliners and associated services. Airbus is also a European leader in space systems, defence and security. In helicopters, Airbus provides efficient civil and military rotorcraft solutions and services worldwide.
Airbus A.I CyberSecurity Scoring
Airbus Risk Score (AI oriented)Between 800 and 849
Airbus
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Airbus Global Score (TPRM)XXXX
Airbus
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Airbus Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Airbus
Vulnerability
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Security researchers have confirmed active exploitation of a critical vulnerability in Wing FTP Server, just one day after technical details were publicly disclosed. The flaw, tracked as CVE-2025-47812, has received the maximum CVSS score of 10.0 and enables unauthenticated remote code execution with root or SYSTEM privileges. Organizations using Wing FTP Server for file transfer operations include major corporations such as Airbus, indicating the potential for significant impact across critical infrastructure sectors.
Airbus Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Airbus
Incidents vs Aviation and Aerospace Component Manufacturing Industry Average (This Year)
No incidents recorded for Airbus in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Airbus in 2026.
Incident Types Airbus vs Aviation and Aerospace Component Manufacturing Industry Avg (This Year)
No incidents recorded for Airbus in 2026.
Incident History — Airbus (X = Date, Y = Severity)
Airbus cyber incidents detection timeline including parent company and subsidiaries
Airbus Company Subsidiaries
Airbus pioneers sustainable aerospace for a safe and united world. The Company constantly innovates to provide efficient and technologically-advanced solutions in aerospace, defence, and connected services. In commercial aircraft, Airbus designs and manufactures modern and fuel-efficient airliners and associated services. Airbus is also a European leader in space systems, defence and security. In helicopters, Airbus provides efficient civil and military rotorcraft solutions and services worldwide.
Loading...
Airbus Similar Companies
We are building a road to space for the benefit of Earth, humanity’s blue origin. Our team is focused on radically reducing the cost of access to space and harnessing its vast resources while mobilizing future generations to realize this mission. Blue Origin builds reusable rocket engines, launch ve
Safran is an international high-technology group, operating in the aviation (propulsion, equipment and interiors), defense and space markets. Its core purpose is to contribute to a safer, more sustainable world, where air transport is more environmentally friendly, comfortable and accessible. Safran
A global aerospace company headquartered in Brazil, Embraer has businesses in Commercial and Executive Aviation, Defense & Security, and Agricultural Aviation. The company designs, develops, manufactures and markets aircraft and systems, providing Services and Support to customer after-sales. Sinc
CAE
At CAE, we exist to make the world safer. We deliver cutting-edge training, simulation, and critical operations solutions to prepare aviation professionals and defence forces for the moments that matter. Every day, we empower pilots, cabin crew, maintenance technicians, airlines, business aviation o
Federal Aviation Administration
The FAA is on the leading edge of a new frontier in commercial space transportation, building the next generation (NextGen) of satellite-based navigation systems, and fostering the safe integration of unmanned aerial systems into our airspace. We can only dream of what the next 50 years of American
Pratt & Whitney
Pratt & Whitney, an RTX business, is a global leader in propulsion systems, powering the most advanced aircraft in the world, and we are shaping the future of aviation. Our engines help connect people, grow economies and defend freedom. Our customers depend on us to get where they’re going and back
Bombardier
Bombardier is a global leader in aviation, focused on designing, manufacturing, and servicing the world's most exceptional business jets. Bombardier’s Challenger and Global aircraft families are renowned for their cutting-edge innovation, cabin design, performance, and reliability. Bombardier has a
Spirit AeroSystems
Inventing, designing and building what’s best in aerospace. Spirit AeroSystems is one of the world’s largest manufacturers of aerostructures for commercial airplanes, defense platforms, and business/regional jets. With expertise in aluminum and advanced composite manufacturing solutions, the company
B/E Aerospace
B/E Aerospace is now part of Rockwell Collins. With the acquisition of B/E Aerospace in April 2017, Rockwell Collins is now a world leader in designing, developing and manufacturing cabin interior products and services that deliver innovation, reliability and efficiency. Our broad range of offeri
.png)
Airbus CyberSecurity News
March 24, 2026 02:00 PM
Airbus Acquires UK Cybersecurity Firm in Strategic Move
Airbus makes a bold move in cybersecurity by acquiring a leading UK company; discover how this deal reshapes industry security standards...
March 24, 2026 10:41 AM
Airbus Continues to Strengthen Sovereign Cyber Security With Acquisition of Ultra Cyber in the UK
Airbus has entered into a definitive agreement with the Cobham Ultra group, a portfolio company of Advent, for the acquisition of Ultra...
March 24, 2026 10:35 AM
Airbus continues to strengthen sovereign cybersecurity
Airbus has entered into a definitive agreement with the Cobham Ultra group, a portfolio company of Advent, for the acquisition of Ultra...
March 23, 2026 09:53 AM
Airbus Acquires Ultra Cyber Ltd to Strengthen Cybersecurity
Airbus has signed a definitive agreement with Cobham Ultra Group, a portfolio company of Advent, to acquire Ultra Cyber Ltd. The move aims...
March 23, 2026 09:24 AM
Airbus to acquire Ultra Cyber Ltd in the United Kingdom
Airbus has entered into a definitive agreement to acquire Ultra Cyber Ltd from Cobham Ultra, a portfolio company of Advent, the company said.
March 23, 2026 07:00 AM
Airbus to acquire cybersecurity firm Ultra Cyber
Airbus has agreed to buy cybersecurity specialist Ultra Cyber from Cobham Ultra, a portfolio company of private equity firm Advent...
March 23, 2026 07:00 AM
Aerospace giant Airbus buys UK cybersecurity firm
Aerospace giant Airbus buys UK cybersecurity firm ... Aerospace and defence giant Airbus has agreed to acquire UK cybersecurity firm Ultra Cyber,...
March 23, 2026 07:00 AM
Airbus Expands Cyber Defense Capabilities as Aviation Faces Rising Threats of Digital Warfare
Airbus boosts cybersecurity with Ultra Cyber acquisition as aviation faces growing cyber warfare risks. Why Airbus and Boeing must...
March 23, 2026 07:00 AM
UK’s Ultra Cyber to be bought by aerospace giant Airbus
European aerospace and defence giant Airbus has agreed to snap up UK cybersecurity firm Ultra Cyber. It will buy the business,...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Airbus CyberSecurity History Information
Official Website of Airbus
The official website of Airbus is http://www.airbus.com.
Airbus’s AI-Generated Cybersecurity Score
According to Rankiteo, Airbus’s AI-generated cybersecurity score is 822, reflecting their Good security posture.
How many security badges does Airbus’ have ?
According to Rankiteo, Airbus currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Airbus been affected by any supply chain cyber incidents ?
According to Rankiteo, Airbus has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Airbus have SOC 2 Type 1 certification ?
According to Rankiteo, Airbus is not certified under SOC 2 Type 1.
Does Airbus have SOC 2 Type 2 certification ?
According to Rankiteo, Airbus does not hold a SOC 2 Type 2 certification.
Does Airbus comply with GDPR ?
According to Rankiteo, Airbus is not listed as GDPR compliant.
Does Airbus have PCI DSS certification ?
According to Rankiteo, Airbus does not currently maintain PCI DSS compliance.
Does Airbus comply with HIPAA ?
According to Rankiteo, Airbus is not compliant with HIPAA regulations.
Does Airbus have ISO 27001 certification ?
According to Rankiteo,Airbus is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Airbus
Airbus operates primarily in the Aviation and Aerospace Component Manufacturing industry.
Number of Employees at Airbus
Airbus employs approximately 84,573 people worldwide.
Subsidiaries Owned by Airbus
Airbus presently has no subsidiaries across any sectors.
Airbus’s LinkedIn Followers
Airbus’s official LinkedIn profile has approximately 2,763,524 followers.
NAICS Classification of Airbus
Airbus is classified under the NAICS code 3364, which corresponds to Aerospace Product and Parts Manufacturing.
Airbus’s Presence on Crunchbase
No, Airbus does not have a profile on Crunchbase.
Airbus’s Presence on LinkedIn
Yes, Airbus maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/airbusgroup.
Cybersecurity Incidents Involving Airbus
As of April 04, 2026, Rankiteo reports that Airbus has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Airbus has an estimated 2,783 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Airbus ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.
How does Airbus detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with disabling or restricting http/https access to the wing ftp web portal, containment measures with disabling anonymous login functionality, containment measures with monitoring session directories for suspicious .lua files, containment measures with implementing network segmentation to limit exposure, and remediation measures with upgrading to wing ftp server version 7.4.4 or later, and communication strategy with vendor has reportedly contacted customers via email with upgrade guidance, and network segmentation with implementing network segmentation to limit exposure, and enhanced monitoring with monitoring session directories for suspicious .lua files..
Incident Details
Can you provide details on each incident ?
Title: Active Exploitation of CVE-2025-47812 in Wing FTP Server
Description: A critical vulnerability in Wing FTP Server, tracked as CVE-2025-47812, is being actively exploited. The flaw allows unauthenticated remote code execution with root or SYSTEM privileges.
Date Detected: 2025-06-30
Date Publicly Disclosed: 2025-07-01
Type: Remote Code Execution
Attack Vector: Improper handling of null bytes in the Wing FTP Server’s web interface
Vulnerability Exploited: CVE-2025-47812
Motivation: Gain complete control over the system
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Anonymous FTP accounts.
Impact of the Incidents
What was the impact of each incident ?
Incident : Remote Code Execution AIR819071525
Systems Affected: Wing FTP Server installations
Which entities were affected by each incident ?
Incident : Remote Code Execution AIR819071525
Entity Name: ['Airbus', 'Reuters', 'U.S. Air Force']
Entity Type: Corporation
Industry: Aerospace, Media, Defense
Location: United StatesChinaGermanyUnited KingdomIndia
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Remote Code Execution AIR819071525
Containment Measures: Disabling or restricting HTTP/HTTPS access to the Wing FTP web portalDisabling anonymous login functionalityMonitoring session directories for suspicious .lua filesImplementing network segmentation to limit exposure
Remediation Measures: Upgrading to Wing FTP Server version 7.4.4 or later
Communication Strategy: Vendor has reportedly contacted customers via email with upgrade guidance
Network Segmentation: ['Implementing network segmentation to limit exposure']
Enhanced Monitoring: Monitoring session directories for suspicious .lua files
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Upgrading to Wing FTP Server version 7.4.4 or later, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by disabling or restricting http/https access to the wing ftp web portal, disabling anonymous login functionality, monitoring session directories for suspicious .lua files, implementing network segmentation to limit exposure and .
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Remote Code Execution AIR819071525
Lessons Learned: Organizations should prioritize upgrading to the latest version of Wing FTP Server, conduct thorough security assessments, and implement additional monitoring to detect potential compromise indicators.
What recommendations were made to prevent future incidents ?
Incident : Remote Code Execution AIR819071525
Recommendations: Immediate patching and implementation of protective measures such as disabling anonymous login and monitoring session directories.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Organizations should prioritize upgrading to the latest version of Wing FTP Server, conduct thorough security assessments, and implement additional monitoring to detect potential compromise indicators.
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Immediate patching and implementation of protective measures such as disabling anonymous login and monitoring session directories..
References
Where can I find more information about each incident ?
Incident : Remote Code Execution AIR819071525
Source: Censys
Incident : Remote Code Execution AIR819071525
Source: Shadowserver Foundation
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: HuntressDate Accessed: 2025-07-01, and Source: Censys, and Source: Shadowserver Foundation.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Vendor Has Reportedly Contacted Customers Via Email With Upgrade Guidance.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Remote Code Execution AIR819071525
Entry Point: Anonymous FTP accounts
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Remote Code Execution AIR819071525
Root Causes: Improper handling of null bytes in Wing FTP Server’s web interface
Corrective Actions: Upgrading to Wing FTP Server version 7.4.4 or later
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Monitoring Session Directories For Suspicious .Lua Files, .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Upgrading to Wing FTP Server version 7.4.4 or later.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-06-30.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-07-01.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Wing FTP Server installations.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Disabling or restricting HTTP/HTTPS access to the Wing FTP web portalDisabling anonymous login functionalityMonitoring session directories for suspicious .lua filesImplementing network segmentation to limit exposure.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Organizations should prioritize upgrading to the latest version of Wing FTP Server, conduct thorough security assessments, and implement additional monitoring to detect potential compromise indicators.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Immediate patching and implementation of protective measures such as disabling anonymous login and monitoring session directories..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Shadowserver Foundation, Censys and Huntress.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Anonymous FTP accounts.
.png)
Latest Global CVEs (Not Company-Specific)
Description
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=airbusgroup' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
