Comparison Overview

CMA CGM

4, Quai d'arenc, Marseille, 13002, FR

Last Update: 2026-04-02

Between 750 and 799

The CMA CGM Group is a global player in sea, land, air and logistics solutions, true to its corporate Purpose, "We imagine better ways to serve a world in motion". Present in 177 countries, it employs 160,000 people, of which nearly 6,000 in Marseilles where its head office is located. The world's 3rd largest shipping company, CMA CGM serves more than 420 ports across 5 continents with a fleet of over 650 vessels. In 2024, CMA CGM carried over 23 million TEU (twenty-foot equivalent unit) containers. Its subsidiary CEVA Logistics, one of the world's top five players, operates 1,000 warehouses and handled 15 million shipments in 2024. CMA CGM AIR CARGO, the Group's air freight division, will operate a fleet of 6 cargo aircraft by 2025. CMA Media, France's 3rd largest private media group, includes RMC-BFM and several national and regional press titles (La Tribune Dimanche, La Tribune, La Provence and Corse Matin). Committed to energy transition, the CMA CGM Group is aiming for Net Zero Carbon by 2050. The CMA CGM Foundation provides humanitarian aid in crisis situations, and is committed to education for all and equal opportunities throughout the world. To date, the CMA CGM Foundation has transported 63,000 tons of humanitarian aid to 97 countries and supported over 550 educational projects.

NAICS: 47

NAICS Definition: Transportation and Warehousing

Employees: 30,339

Subsidiaries: 12

12-month incidents

0

Known data breaches

0

Attack type number

2

View Profile

GEODIS

Espace Seine, LEVALLOIS-PERRET, 92300, FR

Last Update: 2026-04-01

Between 750 and 799

http://www.geodis.com

GEODIS is a leading global logistics provider acknowledged for its expertise across all aspects of the supply chain. As a growth partner to its clients, GEODIS specializes in four lines of business: Global Freight Forwarding, Global Contract Logistics, Distribution & Express Transport, and European Road Network. With a global network spanning nearly 170 countries and more than 49,400 employees, GEODIS is ranked no. 5 in its sector across the world. In 2022, GEODIS generated €13.7 billion in revenue. GEODIS is a company owned by SNCF group.

NAICS: 47

NAICS Definition: Transportation and Warehousing

Employees: 30,686

Subsidiaries: 5

12-month incidents

0

Known data breaches

0

Attack type number

0

CMA CGM

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

GEODIS

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)

No incidents recorded for CMA CGM in 2026.

Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)

No incidents recorded for GEODIS in 2026.

Incident History — CMA CGM (X = Date, Y = Severity)

CMA CGM cyber incidents detection timeline including parent company and subsidiaries

Incident History — GEODIS (X = Date, Y = Severity)

GEODIS cyber incidents detection timeline including parent company and subsidiaries

CMA CGM

Incidents

Date Detected: 9/2021

Type:Ransomware

Attack Vector: ransomware (Ragnar Locker)

Motivation: financial gain, data theft

Blog: Blog

Date Detected: 9/2020

Type:Ransomware

Motivation: financial gain

Blog: Blog

Date Detected: 2/2017

Type:Cyber Attack

Attack Vector: remote hacking, navigation system compromise

Motivation: financial gain (piracy), physical seizure of vessel, ransom

Blog: Blog

GEODIS

Incidents

No Incident

GEODIS company demonstrates a stronger AI Cybersecurity Score compared to CMA CGM company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

CMA CGM company has historically faced a number of disclosed cyber incidents, whereas GEODIS company has not reported any.

In the current year, GEODIS company and CMA CGM company have not reported any cyber incidents.

CMA CGM company has confirmed experiencing a ransomware attack, while GEODIS company has not reported such incidents publicly.

Neither GEODIS company nor CMA CGM company has reported experiencing a data breach publicly.

CMA CGM company has reported targeted cyberattacks, while GEODIS company has not reported such incidents publicly.

Neither CMA CGM company nor GEODIS company has reported experiencing or disclosing vulnerabilities publicly.

Neither CMA CGM nor GEODIS holds any compliance certifications.

Neither company holds any compliance certifications.

CMA CGM company has more subsidiaries worldwide compared to GEODIS company.

GEODIS company employs more people globally than CMA CGM company, reflecting its scale as a Transportation, Logistics, Supply Chain and Storage.

Neither CMA CGM nor GEODIS holds SOC 2 Type 1 certification.

Neither CMA CGM nor GEODIS holds SOC 2 Type 2 certification.

Neither CMA CGM nor GEODIS holds ISO 27001 certification.

Neither CMA CGM nor GEODIS holds PCI DSS certification.

Neither CMA CGM nor GEODIS holds HIPAA certification.

Neither CMA CGM nor GEODIS holds GDPR certification.

Description

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss2

Base: 5.0

Severity: LOW

AV:N/AC:L/Au:N/C:N/I:N/A:P

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss3

Base: 7.8

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss3

Base: 7.8

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss3

Base: 7.8

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss3

Base: 7.8

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

CMA CGM

VS

GEODIS

CMA CGM

GEODIS

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)

Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)

Incident History — CMA CGM (X = Date, Y = Severity)

Incident History — GEODIS (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2026-5314

Risk Information

CVE-2026-32929

Risk Information

CVE-2026-32928

Risk Information

CVE-2026-32927

Risk Information

CVE-2026-32926

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

CMA CGM

VS

GEODIS

CMA CGM

GEODIS

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)

Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)

Incident History — CMA CGM (X = Date, Y = Severity)

Incident History — GEODIS (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Ransomware CMA330092125

🔒 Incident : Ransomware CMA642092025

🔒 Incident : Cyber Attack CMA840092125

No Incident

FAQ

Between CMA CGM company and GEODIS company, which one has the best AI Cybersecurity Score ?

Between CMA CGM company and GEODIS company, which one has experienced more cyber incidents in the past ?

Between CMA CGM company and GEODIS company, which one has experienced more cyber incidents this year ?

Between CMA CGM company and GEODIS company, which one has experienced at least one ransomware attack ?

Between CMA CGM company and GEODIS company, which one has experienced at least one data breach ?

Between CMA CGM company and GEODIS company, which one has experienced at least one targeted cyberattack ?

Between CMA CGM company and GEODIS company, which one has experienced at least one vulnerability ?

Between CMA CGM company and GEODIS company, which one holds the most compliance certifications ?

Between CMA CGM company and GEODIS company, which one holds the fewest compliance certifications ?

Between CMA CGM company and GEODIS company, which one has the most subsidiaries ?

Between CMA CGM company and GEODIS company, which one has the largest number of employees ?

Between CMA CGM and GEODIS, which company holds both SOC 2 Type 1 certifications ?

Between CMA CGM and GEODIS, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — CMA CGM or GEODIS ?

Which company is PCI DSS compliant — CMA CGM or GEODIS ?

Between CMA CGM and GEODIS, which company complies with HIPAA regulations for healthcare data ?

Between CMA CGM and GEODIS, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2026-5314

Risk Information

CVE-2026-32929

Risk Information

CVE-2026-32928

Risk Information

CVE-2026-32927

Risk Information

CVE-2026-32926

Risk Information