KeyBank
Company Details
Linkedin ID:
keybank
Website:
Employees number:
22,777
Number of followers:
123,132
NAICS:
52211
Industry Type:
Homepage:
key.com
IP Addresses:
0
Company ID:
KEY_1234491
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
KeyBank Vendor Cyber Rating & Cyber Score
key.comAt KeyBank we’ve made a promise to our clients that they will always have a champion in us. To deliver on our promise, we’re committed to building a team of engaged employees who do the right thing for our clients and shareholders, and help them achieve financial wellness each and every day. Headquartered in Cleveland, Ohio, KeyCorp is one of the nation’s largest financial services companies. Key Companies provide investment management, retail and commercial banking, consumer finance and investment banking products to individuals and companies throughout the United States and, for certain businesses, internationally. Follow along for business and industry insights, expert advice and more resources to help you achieve your financial goals. KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. KeyBank is Member FDIC. Equal Housing Lender. Credit applications are subject to credit approval.
KeyBank A.I CyberSecurity Scoring
KeyBank Risk Score (AI oriented)Between 600 and 649
KeyBank
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
KeyBank Global Score (TPRM)XXXX
KeyBank
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
KeyBank Company CyberSecurity News & History
Past Incidents
6
Attack Types
1
KeyBank N.A.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On February 11, 2025, the Maine Office of the Attorney General reported a data breach involving KeyBank N.A., which occurred on December 13, 2024, due to an external system breach (hacking). The breach affected 1,227 individuals in total, with 13 residents experiencing compromised personal information, including names, Social Security numbers, and account details. Identity theft protection services were offered to affected individuals.
KeyBank
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: On May 12, 2023, KeyBank experienced a data breach caused by insider wrongdoing, as reported by the Maine Attorney General's Office on June 7, 2023. The incident compromised sensitive information, including financial account numbers and personal details of 181 individuals, among whom 3 were residents of Maine. The exposed data poses a significant risk of identity theft and financial fraud. In response, KeyBank is providing affected individuals with two years of identity theft protection through Equifax Complete Premier to mitigate potential harm. The breach highlights vulnerabilities in internal controls, as the compromise stemmed from malicious or negligent actions by an employee or trusted insider. While the scale of the breach is relatively contained in terms of affected individuals, the nature of the exposed data financial and personal heightens the severity due to the potential for long-term fraudulent exploitation.
KeyBank
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: KeyBank suffered a breach incident because of a third-party vendor that serves multiple corporate clients. The hackers stole personal data including Social Security numbers, addresses, and account numbers of home mortgage holders. KeyBank notified all affected individuals about the breach.
KeyBank
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving KeyBank on August 26, 2022. The breach occurred on July 5, 2022, when an unauthorized external party gained remote access to the Overby-Seawell Company (OSC) network, affecting KeyBank clients' mortgage information. The specific number of individuals affected is unknown.
KeyBank
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The Washington State Office of the Attorney General reported a data breach involving KeyBank on August 26, 2022. The breach, which occurred between May 26, 2022, and July 12, 2022, affected 54,295 residents, with compromised information including names, mortgage details, and home insurance information. Social Security numbers were not impacted.
KeyBank
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The breach reported by KeyBank on February 5, 2021, involved unauthorized access to customer accounts. The compromised information included names, addresses, account numbers, account balances, and transaction details. The number of affected individuals is unknown, but the breach has significant implications for customer trust and potential financial fraud.
KeyBank Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for KeyBank
Incidents vs Banking Industry Average (This Year)
No incidents recorded for KeyBank in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for KeyBank in 2026.
Incident Types KeyBank vs Banking Industry Avg (This Year)
No incidents recorded for KeyBank in 2026.
Incident History — KeyBank (X = Date, Y = Severity)
KeyBank cyber incidents detection timeline including parent company and subsidiaries
KeyBank Company Subsidiaries
At KeyBank we’ve made a promise to our clients that they will always have a champion in us. To deliver on our promise, we’re committed to building a team of engaged employees who do the right thing for our clients and shareholders, and help them achieve financial wellness each and every day. Headquartered in Cleveland, Ohio, KeyCorp is one of the nation’s largest financial services companies. Key Companies provide investment management, retail and commercial banking, consumer finance and investment banking products to individuals and companies throughout the United States and, for certain businesses, internationally. Follow along for business and industry insights, expert advice and more resources to help you achieve your financial goals. KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. KeyBank is Member FDIC. Equal Housing Lender. Credit applications are subject to credit approval.
Loading...
KeyBank Similar Companies
At Citizens, we recognize that the journey to accomplishment is no longer linear and that individuals are made of all they have done and all they are going to do. As one of the oldest and largest financial services firms in the United States with a history dating back to 1828, we’re committed to pro
Capitec
Imagine simple, affordable banking solutions that work for you – just like it does for over 25 million South Africans. They’re banking smart, paying less and getting more value every day with us. As the country’s leading digital bank, we’re proud to have been voted the Coolest Bank by the youth in
Rabobank
Rabobank is a cooperative bank with a mission. Our goal: to help customers realize their ambitions. We serve about 10 million customers in 47 countries. As an international financial institution, we work on the well-being and prosperity of millions of people. In the Netherlands, we serve individual
Crédit Mutuel
Un modèle mutualiste au service des clients et des salariés. Réseau bancaire mutualiste constitué de 2124 Caisses locales le Crédit Mutuel se compose de 18 fédérations régionales, couvrant tout le territoire français. Société de personnes et non de capitaux, le Crédit Mutuel n’est pas coté en Bou
Comerica Bank
Comerica Bank, a division of Fifth Third Bank, N.A. Member FDIC. Comerica Incorporated (NYSE: CMA) is a financial services company headquartered in Dallas, Texas, strategically aligned by the Business Bank, the Retail Bank, and Wealth Management. The Business Bank provides companies of all sizes wi
1954 yılında, vakıf kaynaklarını ekonomik kalkınmanın gereksinimleri doğrultusunda en iyi biçimde değerlendirmek amacıyla kurulan VakıfBank, o günden bu yana çağdaş bankacılık yöntemleri ve uygulamalarıyla Türkiye’nin tasarruf düzeyinin gelişim sürecine katkıda bulunmaktadır. VakıfBank; bölgesinin e
alinma
Alinma Bank is a Saudi joint stock company formed in accordance with Royal Decree No. M/15 dated 28/2/1427H (28/3/2006) and Ministerial Resolution No. 42 dated 27/2/1427H (27/3/2006). The share capital of Alinma Bank is SAR 20 billion consisting of 1.5 billion shares with a nominal value of SAR 10 p
Since its inception in 1898 with a capital of GBP1 million, NBE has been regarded as one of the oldest and most respected commercial banks in Egypt.Never isolated from national issues or concerns, NBE has been the primary supporter of Egypt’s national economy by financing the major Egyptian national
Banamex
En Banamex una palabra nos ha definido durante nuestra historia: Estar. Estar es acompañar. Estar es avanzar juntos. Acompañar para forjar relaciones auténticas, duraderas, significativas, que nos den confianza y nos impulsen a alcanzar aquello que es importante para ti, para nosotros, para todos.
.png)
KeyBank CyberSecurity News
February 18, 2026 08:00 AM
KeyBank: Middle Market Business Optimism Surges to Near-Historic Levels
Middle market businesses are entering 2026 with surging confidence, with 77% expressing positive outlooks for company performance over the...
January 08, 2026 08:00 AM
KeyBank allegedly sought forgiveness on fraudulent PPP loans
The bank fired a manager for originating suspicious loans but later asked the SBA to forgive them, prosecutors say.
November 10, 2025 08:00 AM
Fed points to market froth as leading stability risk; What KeyBank's new embedded banking boss has planned
November 07, 2025 08:00 AM
What KeyBank's new embedded banking boss has planned
Eric Girard, who became KeyBank's head of embedded banking and co-head of commercial product in October, is aiming to make the technology...
October 30, 2025 07:00 AM
Cyber and fraud incidents are the new normal: Are you prepared or vulnerable?
In a recent KeyBank survey of owners and executives of U.S. businesses, data shows seven in ten companies polled reported experiencing a...
October 27, 2025 07:00 AM
Key Commercial Bank Appoints Industry Veteran Eric Girard to Head Embedded Banking
Key Commercial Bank has named its head of commercial onboarding, Eric Girard, to be its head of embedded banking and its co-head of...
October 07, 2025 07:00 AM
2025 The Most Powerful Women in Banking, No. 12, Amy Brady, KeyBank
Within the bank's tech, operations and services organization, Brady has minimized turnover and preserved institutional knowledge.
October 01, 2025 07:00 AM
City of Mansfield recovers almost all of $748,000 stolen in May email scam
By working with law enforcement, banking partners and the City of Mansfield's insurance carriers, Finance Director Kelly Converse said the...
September 22, 2025 07:00 AM
KeyBank: 1 in 4 small business owners in ‘survival mode’
KeyBank's 2025 Small Business Survey finds owners struggling with inflation, survival mode, and rising costs, but showing resilience and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
KeyBank CyberSecurity History Information
Official Website of KeyBank
The official website of KeyBank is https://www.key.com.
KeyBank’s AI-Generated Cybersecurity Score
According to Rankiteo, KeyBank’s AI-generated cybersecurity score is 600, reflecting their Poor security posture.
How many security badges does KeyBank’ have ?
According to Rankiteo, KeyBank currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has KeyBank been affected by any supply chain cyber incidents ?
According to Rankiteo, KeyBank has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does KeyBank have SOC 2 Type 1 certification ?
According to Rankiteo, KeyBank is not certified under SOC 2 Type 1.
Does KeyBank have SOC 2 Type 2 certification ?
According to Rankiteo, KeyBank does not hold a SOC 2 Type 2 certification.
Does KeyBank comply with GDPR ?
According to Rankiteo, KeyBank is not listed as GDPR compliant.
Does KeyBank have PCI DSS certification ?
According to Rankiteo, KeyBank does not currently maintain PCI DSS compliance.
Does KeyBank comply with HIPAA ?
According to Rankiteo, KeyBank is not compliant with HIPAA regulations.
Does KeyBank have ISO 27001 certification ?
According to Rankiteo,KeyBank is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of KeyBank
KeyBank operates primarily in the Banking industry.
Number of Employees at KeyBank
KeyBank employs approximately 22,777 people worldwide.
Subsidiaries Owned by KeyBank
KeyBank presently has no subsidiaries across any sectors.
KeyBank’s LinkedIn Followers
KeyBank’s official LinkedIn profile has approximately 123,132 followers.
NAICS Classification of KeyBank
KeyBank is classified under the NAICS code 52211, which corresponds to Commercial Banking.
KeyBank’s Presence on Crunchbase
No, KeyBank does not have a profile on Crunchbase.
KeyBank’s Presence on LinkedIn
Yes, KeyBank maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/keybank.
Cybersecurity Incidents Involving KeyBank
As of April 02, 2026, Rankiteo reports that KeyBank has experienced 6 cybersecurity incidents.
Number of Peer and Competitor Companies
KeyBank has an estimated 7,284 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at KeyBank ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does KeyBank detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with notified all affected individuals, and third party assistance with equifax (for identity theft protection services), and remediation measures with offering two years of identity theft protection (equifax complete premier) to affected individuals, and communication strategy with public disclosure via maine attorney general's office; likely direct notification to affected individuals..
Incident Details
Can you provide details on each incident ?
Title: KeyBank Data Breach via Third-Party Vendor
Description: KeyBank suffered a breach incident because of a third-party vendor that serves multiple corporate clients. The hackers stole personal data including Social Security numbers, addresses, and account numbers of home mortgage holders. KeyBank notified all affected individuals about the breach.
Type: Data Breach
Attack Vector: Third-Party Vendor
Title: KeyBank Data Breach
Description: Unauthorized access to customer accounts involving names, addresses, account numbers, account balances, and transaction details.
Date Detected: 2021-02-05
Date Publicly Disclosed: 2021-02-05
Type: Data Breach
Attack Vector: Unauthorized Access
Title: KeyBank Data Breach
Description: The Washington State Office of the Attorney General reported a data breach involving KeyBank on August 26, 2022. The breach, which occurred between May 26, 2022, and July 12, 2022, affected 54,295 residents, with compromised information including names, mortgage details, and home insurance information. Social Security numbers were not impacted.
Date Detected: 2022-07-12
Date Publicly Disclosed: 2022-08-26
Type: Data Breach
Title: KeyBank N.A. Data Breach
Description: A data breach involving KeyBank N.A. occurred on December 13, 2024, due to an external system breach (hacking). The breach affected 1,227 individuals in total, with 13 residents experiencing compromised personal information, including names, Social Security numbers, and account details. Identity theft protection services were offered to affected individuals.
Date Detected: 2024-12-13
Date Publicly Disclosed: 2025-02-11
Type: Data Breach
Attack Vector: External System Breach (Hacking)
Title: KeyBank Data Breach
Description: The California Office of the Attorney General reported a data breach involving KeyBank on August 26, 2022. The breach occurred on July 5, 2022, when an unauthorized external party gained remote access to the Overby-Seawell Company (OSC) network, affecting KeyBank clients' mortgage information. The specific number of individuals affected is unknown.
Date Detected: 2022-07-05
Date Publicly Disclosed: 2022-08-26
Type: Data Breach
Attack Vector: Remote Access
Threat Actor: Unauthorized External Party
Title: KeyBank Data Breach Due to Insider Wrongdoing
Description: The Maine Attorney General's Office reported a data breach involving KeyBank on June 7, 2023. The breach occurred on May 12, 2023, due to insider wrongdoing, affecting 181 individuals, including 3 residents of Maine. The compromised information included financial account numbers and personal details, and KeyBank is offering two years of identity theft protection through Equifax Complete Premier.
Date Detected: 2023-05-12
Date Publicly Disclosed: 2023-06-07
Type: Data Breach
Attack Vector: Insider Threat
Threat Actor: Insider (Employee/Associate)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach KEY2114141122
Data Compromised: Social security numbers, Addresses, Account numbers
Incident : Data Breach KEY253072625
Data Compromised: Names, Addresses, Account numbers, Account balances, Transaction details
Incident : Data Breach KEY427072625
Data Compromised: Names, Mortgage details, Home insurance information
Incident : Data Breach KEY146072725
Data Compromised: Names, Social security numbers, Account details
Identity Theft Risk: High
Incident : Data Breach KEY526080525
Data Compromised: Mortgage Information
Incident : Data Breach KEY717082025
Data Compromised: Financial account numbers, Personal details
Brand Reputation Impact: Potential reputational damage due to insider breach and exposure of sensitive data
Identity Theft Risk: High (financial account numbers and personal details exposed)
Payment Information Risk: High (financial account numbers compromised)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Social Security Numbers, Addresses, Account Numbers, , Names, Addresses, Account Numbers, Account Balances, Transaction Details, , Names, Mortgage Details, Home Insurance Information, , Names, Social Security Numbers, Account Details, , Mortgage Information, Financial Account Numbers, Personal Details and .
Which entities were affected by each incident ?
Incident : Data Breach KEY2114141122
Entity Name: KeyBank
Entity Type: Corporation
Industry: Financial Services
Incident : Data Breach KEY253072625
Entity Name: KeyBank
Entity Type: Financial Institution
Industry: Banking
Incident : Data Breach KEY427072625
Entity Name: KeyBank
Entity Type: Financial Institution
Industry: Banking
Customers Affected: 54295
Incident : Data Breach KEY146072725
Entity Name: KeyBank N.A.
Entity Type: Financial Institution
Industry: Banking
Customers Affected: 1227
Incident : Data Breach KEY526080525
Entity Name: KeyBank
Entity Type: Financial Institution
Industry: Banking
Incident : Data Breach KEY717082025
Entity Name: KeyBank
Entity Type: Financial Institution
Industry: Banking/Financial Services
Location: United States
Customers Affected: 181
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach KEY2114141122
Communication Strategy: Notified all affected individuals
Incident : Data Breach KEY717082025
Third Party Assistance: Equifax (for identity theft protection services)
Remediation Measures: Offering two years of identity theft protection (Equifax Complete Premier) to affected individuals
Communication Strategy: Public disclosure via Maine Attorney General's Office; likely direct notification to affected individuals
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Equifax (for identity theft protection services).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach KEY2114141122
Type of Data Compromised: Social security numbers, Addresses, Account numbers
Incident : Data Breach KEY253072625
Type of Data Compromised: Names, Addresses, Account numbers, Account balances, Transaction details
Personally Identifiable Information: namesaddresses
Incident : Data Breach KEY427072625
Type of Data Compromised: Names, Mortgage details, Home insurance information
Number of Records Exposed: 54295
Personally Identifiable Information: names
Incident : Data Breach KEY146072725
Type of Data Compromised: Names, Social security numbers, Account details
Number of Records Exposed: 1227
Sensitivity of Data: High
Incident : Data Breach KEY526080525
Type of Data Compromised: Mortgage Information
Incident : Data Breach KEY717082025
Type of Data Compromised: Financial account numbers, Personal details
Number of Records Exposed: 181
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Offering two years of identity theft protection (Equifax Complete Premier) to affected individuals.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach KEY717082025
Regulatory Notifications: Maine Attorney General's Office (and potentially other state regulators, given the multi-state impact)
References
Where can I find more information about each incident ?
Incident : Data Breach KEY427072625
Source: Washington State Office of the Attorney General
Date Accessed: 2022-08-26
Incident : Data Breach KEY146072725
Source: Maine Office of the Attorney General
Date Accessed: 2025-02-11
Incident : Data Breach KEY526080525
Source: California Office of the Attorney General
Date Accessed: 2022-08-26
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Washington State Office of the Attorney GeneralDate Accessed: 2022-08-26, and Source: Maine Office of the Attorney GeneralDate Accessed: 2025-02-11, and Source: California Office of the Attorney GeneralDate Accessed: 2022-08-26, and Source: Maine Attorney General's OfficeDate Accessed: 2023-06-07.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notified all affected individuals and Public disclosure via Maine Attorney General's Office; likely direct notification to affected individuals.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach KEY717082025
Customer Advisories: Two years of identity theft protection offered to affected individuals via Equifax Complete Premier
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Two years of identity theft protection offered to affected individuals via Equifax Complete Premier.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach KEY717082025
High Value Targets: Financial Account Numbers, Personal Details,
Data Sold on Dark Web: Financial Account Numbers, Personal Details,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach KEY717082025
Root Causes: Insider wrongdoing (intentional or negligent misconduct by an employee/associate)
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Equifax (for identity theft protection services).
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Unauthorized External Party and Insider (Employee/Associate).
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2021-02-05.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-06-07.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Social Security numbers, addresses, account numbers, , names, addresses, account numbers, account balances, transaction details, , names, mortgage details, home insurance information, , Names, Social Security numbers, Account details, , Mortgage Information, Financial account numbers, Personal details and .
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Equifax (for identity theft protection services).
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Social Security numbers, transaction details, Names, mortgage details, Mortgage Information, addresses, Financial account numbers, account balances, Personal details, names, home insurance information, account numbers and Account details.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 947.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Washington State Office of the Attorney General, Maine Office of the Attorney General, Maine Attorney General's Office and California Office of the Attorney General.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Two years of identity theft protection offered to affected individuals via Equifax Complete Premier.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=keybank' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
