Airbus Company Cyber Security Posture
airbus.comAirbus pioneers sustainable aerospace for a safe and united world. The Company constantly innovates to provide efficient and technologically-advanced solutions in aerospace, defence, and connected services. In commercial aircraft, Airbus designs and manufactures modern and fuel-efficient airliners and associated services. Airbus is also a European leader in space systems, defence and security. In helicopters, Airbus provides efficient civil and military rotorcraft solutions and services worldwide.
Airbus Company Details
airbusgroup
81999 employees
2558472.0
336
Aviation and Aerospace Component Manufacturing
airbus.com
81
AIR_2222341
In-progress
Airbus Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
Airbus Global Score.png)
Airbus Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
Airbus Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Airbus | Vulnerability | 100 | 7/2025 | AIR819071525 | Link | ||
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: Security researchers have confirmed active exploitation of a critical vulnerability in Wing FTP Server, just one day after technical details were publicly disclosed. The flaw, tracked as CVE-2025-47812, has received the maximum CVSS score of 10.0 and enables unauthenticated remote code execution with root or SYSTEM privileges. Organizations using Wing FTP Server for file transfer operations include major corporations such as Airbus, indicating the potential for significant impact across critical infrastructure sectors. | |||||||
Airbus Company Subsidiaries
Airbus pioneers sustainable aerospace for a safe and united world. The Company constantly innovates to provide efficient and technologically-advanced solutions in aerospace, defence, and connected services. In commercial aircraft, Airbus designs and manufactures modern and fuel-efficient airliners and associated services. Airbus is also a European leader in space systems, defence and security. In helicopters, Airbus provides efficient civil and military rotorcraft solutions and services worldwide.
Access Data Using Our API
Get company history
Rapid.png)
Airbus Cyber Security News
Airbus completes acquisition of infodas, strengthens cybersecurity portfolio
Airbus Defence and Space has finalised the acquisition of infodas, a German company that provides cybersecurity and IT solutions in the public sector.
Fortifying Europe: Defense Contractors and Cybersecurity Firms Poised for Growth Amid NATO's 5% Spending Surge
Fortifying Europe: Defense Contractors and Cybersecurity Firms Poised for Growth Amid NATO's 5% Spending Surge.
Alstom and Airbus mark successful partnership in Cybersecurity at InnoTrans 2024
The partners have successfully developed and field-tested a comprehensive Risk Assessment Methodology for Industrial Security for the rail sector.
5 actions to protect your aircraft from cyberattacks
How can I avoid cyberattacks? ยท #01 Train your team ยท #02 Audit your security processes ยท #03 Secure your network ยท #04 Create a Securityย ...
Top Cybersecurity Employers in France: Who's Hiring and What They Look For
Top cybersecurity employers in France include Thales, Airbus CyberSecurity, and Orange Cyberdefense. These companies provide leadingย ...
Hacker allegedly behind attacks on FBI, Airbus, National Public Data arrested in Brazil
Federal law enforcement in Brazil arrested a hacker allegedly behind several brazen, high-profile cyberattacks. In a statement on Wednesday,ย ...
Cybersecurity M&A Roundup: MasterCard and Visa Announce Cybersecurity Acquisitions
September 2024 saw a plethora of high-profile merger and acquisitions (M&A) announcements, following a relatively quiet Summer period.
Knowledge Transfer Partnership between Airbus and Cardiff University graded โOutstandingโ for AI Cybersecurity Innovation
Knowledge Transfer Partnership between Airbus and Cardiff University graded 'Outstanding' for AI Cybersecurity Innovation.
InnoTrans 2024: Alstom and Airbus Address Cybersecurity in Rail
Alstom and Airbus Protect have created a robust risk assessment framework designed to protect the rail industry from increasing cyber risks.
Airbus Similar Companies
Flight Refuelling Ltd
Key Facts We have a deep understanding of how our equipment will be used and never lose sight of whatโs important to our customers. This insight enables us to design and manufacture products that have the critical functionality customers want and reduce the logistical burden for platforms that
Dassault Aviation
Dassault Aviation is a French aerospace company that shapes the future by designing and building military aircraft, business jets and space systems. Leader on the New Generation Fighter developed within the joint European program FCAS (Future Combat Air System) Designer and manufacturer of the Raf
B/E Aerospace
B/E Aerospace is now part of Rockwell Collins. With the acquisition of B/E Aerospace in April 2017, Rockwell Collins is now a world leader in designing, developing and manufacturing cabin interior products and services that deliver innovation, reliability and efficiency. Our broad range of offeri
Bombardier
Bombardier is a global leader in aviation, focused on designing, manufacturing, and servicing the world's most exceptional business jets. Bombardierโs Challenger and Global aircraft families are renowned for their cutting-edge innovation, cabin design, performance, and reliability. Bombardier has a
Federal Aviation Administration
The FAA is on the leading edge of a new frontier in commercial space transportation, building the next generation (NextGen) of satellite-based navigation systems, and fostering the safe integration of unmanned aerial systems into our airspace. We can only dream of what the next 50 years of American
Textron
Textron Inc. is a multi-industry company that leverages its global network of aircraft, defense, industrial and finance businesses to provide customers with innovative solutions and services. Textron is known around the world for its powerful brands such as Bell, Cessna, Beechcraft, Pipistrel, Jacob
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Airbus CyberSecurity History Information
How many cyber incidents has Airbus faced?
Total Incidents: According to Rankiteo, Airbus has faced 1 incident in the past.
What types of cybersecurity incidents have occurred at Airbus?
Incident Types: The types of cybersecurity incidents that have occurred incident Vulnerability.
How does Airbus detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through containment measures with Disabling or restricting HTTP/HTTPS access to the Wing FTP web portal, Disabling anonymous login functionality, Monitoring session directories for suspicious .lua files, Implementing network segmentation to limit exposure and remediation measures with Upgrading to Wing FTP Server version 7.4.4 or later and communication strategy with Vendor has reportedly contacted customers via email with upgrade guidance and network segmentation with Implementing network segmentation to limit exposure and enhanced monitoring with Monitoring session directories for suspicious .lua files.
Incident Details
Can you provide details on each incident?
Incident : Remote Code Execution
Title: Active Exploitation of CVE-2025-47812 in Wing FTP Server
Description: A critical vulnerability in Wing FTP Server, tracked as CVE-2025-47812, is being actively exploited. The flaw allows unauthenticated remote code execution with root or SYSTEM privileges.
Date Detected: 2025-06-30
Date Publicly Disclosed: 2025-07-01
Type: Remote Code Execution
Attack Vector: Improper handling of null bytes in the Wing FTP Serverโs web interface
Vulnerability Exploited: CVE-2025-47812
Motivation: Gain complete control over the system
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Anonymous FTP accounts.
Impact of the Incidents
What was the impact of each incident?
Incident : Remote Code Execution AIR819071525
Systems Affected: Wing FTP Server installations
Which entities were affected by each incident?
Incident : Remote Code Execution AIR819071525
Entity Type: Corporation
Industry: ['Aerospace', 'Media', 'Defense']
Location: United States, China, Germany, United Kingdom, India
Response to the Incidents
What measures were taken in response to each incident?
Incident : Remote Code Execution AIR819071525
Containment Measures: Disabling or restricting HTTP/HTTPS access to the Wing FTP web portal, Disabling anonymous login functionality, Monitoring session directories for suspicious .lua files, Implementing network segmentation to limit exposure
Remediation Measures: Upgrading to Wing FTP Server version 7.4.4 or later
Communication Strategy: Vendor has reportedly contacted customers via email with upgrade guidance
Network Segmentation: ['Implementing network segmentation to limit exposure']
Enhanced Monitoring: Monitoring session directories for suspicious .lua files
Data Breach Information
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Upgrading to Wing FTP Server version 7.4.4 or later.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through were Disabling or restricting HTTP/HTTPS access to the Wing FTP web portal, Disabling anonymous login functionality, Monitoring session directories for suspicious .lua files and Implementing network segmentation to limit exposure.
Lessons Learned and Recommendations
What lessons were learned from each incident?
Incident : Remote Code Execution AIR819071525
Lessons Learned: Organizations should prioritize upgrading to the latest version of Wing FTP Server, conduct thorough security assessments, and implement additional monitoring to detect potential compromise indicators.
What recommendations were made to prevent future incidents?
Incident : Remote Code Execution AIR819071525
Recommendations: Immediate patching and implementation of protective measures such as disabling anonymous login and monitoring session directories.
What are the key lessons learned from past incidents?
Key Lessons Learned: The key lessons learned from past incidents are Organizations should prioritize upgrading to the latest version of Wing FTP Server, conduct thorough security assessments, and implement additional monitoring to detect potential compromise indicators.
What recommendations has the company implemented to improve cybersecurity?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Immediate patching and implementation of protective measures such as disabling anonymous login and monitoring session directories..
References
Where can I find more information about each incident?
Incident : Remote Code Execution AIR819071525
Source: Censys
Incident : Remote Code Execution AIR819071525
Source: Shadowserver Foundation
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: HuntressDate Accessed: 2025-07-01, and Source: Censys, and Source: Shadowserver Foundation.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Vendor has reportedly contacted customers via email with upgrade guidance.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Remote Code Execution AIR819071525
Entry Point: Anonymous FTP accounts
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Remote Code Execution AIR819071525
Root Causes: Improper handling of null bytes in Wing FTP Serverโs web interface
Corrective Actions: Upgrading to Wing FTP Server version 7.4.4 or later
What is the company's process for conducting post-incident analysis?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Monitoring session directories for suspicious .lua files.
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Upgrading to Wing FTP Server version 7.4.4 or later.
Additional Questions
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on 2025-06-30.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-07-01.
Impact of the Incidents
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was Wing FTP Server installations.
Response to the Incidents
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Disabling or restricting HTTP/HTTPS access to the Wing FTP web portal, Disabling anonymous login functionality, Monitoring session directories for suspicious .lua files and Implementing network segmentation to limit exposure.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Organizations should prioritize upgrading to the latest version of Wing FTP Server, conduct thorough security assessments, and implement additional monitoring to detect potential compromise indicators.
What was the most significant recommendation implemented to improve cybersecurity?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Immediate patching and implementation of protective measures such as disabling anonymous login and monitoring session directories..
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident are Huntress, Censys and Shadowserver Foundation.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Anonymous FTP accounts.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
