
SUSE Company Cyber Security Posture
suse.com
SUSE is a global leader in innovative, reliable and secure enterprise open source solutions, including SUSE Linux Suite, SUSE Rancher Suite, SUSE Edge Suite and SUSE AI Suite. More than 60% of the Fortune 500 rely on SUSE to power their mission-critical workloads, enabling them to innovate everywhere, from the data center to the cloud, to the edge and beyond. SUSE puts the "open" back in open source, collaborating with partners and communities to give customers the agility to tackle innovation challenges today and the freedom to evolve their strategy and solutions tomorrow. For more information, visit www.suse.com.
SUSE Company Details
suse
2613 employees
172307.0
511
Software Development
suse.com
Scan still pending
SUS_3321211
In-progress

Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.


SUSE Company Scoring based on AI Models
Model Name | Date | Description | Current Score Difference | Score |
---|---|---|---|---|
AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
SUSE Company Cyber Security News & History
Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
---|---|---|---|---|---|---|---|
Carbonite | Breach | 60 | 4 | 06/2016 | CAR1914123 | Link | |
Rankiteo Explanation: Attack with significant impact with customers data leaks. Description: Carbonite, a provider of online computer and server backup services, suffered a password reuse attack in which some users' credentials, obtained elsewhere, were used to obtain user data. The company notified its more than 1.5 million individual and small business customers and forced them to password reset. The attack was a result of a third-party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked. | |||||||
SUSE | Vulnerability | 100 | 5 | 7/2025 | SUS629073125 | Link | |
Rankiteo Explanation: Attack threatening the organization's existence. Description: A critical security vulnerability in SUSE Manager allows unauthenticated attackers to execute arbitrary commands with root privileges. This flaw, tracked as CVE-2025-46811, has a CVSS 4.0 score of 9.3 and affects multiple versions of SUSE Manager across various platforms. The vulnerability stems from a Missing Authentication for Critical Function weakness, which targets a specific websocket endpoint. Organizations are at risk of widespread compromise, requiring immediate updates to mitigate the threat. The impact is significant as it could lead to complete system compromise, affecting enterprise infrastructure. |
SUSE Cyber Security News
Critical SUSE Manager Vulnerability Allows Remote Command Execution as Root
A critical security vulnerability has been discovered in SUSE Manager that enables attackers to execute arbitrary commands.
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
Linux systems are vulnerable if they use pam_namespace to set up polyinstantiated directories for which the path to either the polyinstantiated ...
SUSE Executive Thomas Di Giacomo Joins SpiderOak Advisory Board
SUSE Chief Technology and Product Officer Thomas Di Giacomo has been appointed to the board of advisers of cybersecurity company SpiderOak.
SUSE Security announces integration with Microsoft Sentinel and Microsoft Security Copilot
SUSE, a provider of innovative, open, and secure enterprise-grade solutions, today announced an integration between SUSE Security and ...
Critical Injection Vulnerability in SUSE Linux Distro Let Attackers Exploits "go-git" Library
This flaw arises from improper processing of the URL field, creating an opening for argument injection attacks that could compromise system ...
SUSE integrates with Microsoft for enhanced cloud security
SUSE has revealed an integration with Microsoft's cloud-native security systems. It provides automated threat response capabilities for ...
Chaining two LPEs to get "root": Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)
Chaining two LPEs to get "root": Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019). Qualys researchers have unearthed two local ...
SUSE Security events land on Microsoft Sentinel and Security Copilot
SUSE Security events land on Microsoft Sentinel and Security Copilot · Critical vulnerability discovered in Copilot Enterprise · SentinelOne ...
Qualys Uncovers Local Privilege Escalation Flaws
This libblockdev/udisks flaw is extremely significant. Although it nominally requires "allow_active" privileges, udisks ships by default on ...

SUSE Similar Companies

The Facebook company is now Meta. Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving

Shopify
Shopify is a leading global commerce company, providing trusted tools to start, grow, market, and manage a retail business of any size. Shopify makes commerce better for everyone with a platform and services that are engineered for reliability, while delivering a better shopping experience for consu

Juniper Networks
Juniper Networks is leading the revolution in networking, making it one of the most exciting technology companies in Silicon Valley today. Since being founded by Pradeep Sindhu, Dennis Ferguson, and Bjorn Liencres nearly 20 years ago, Juniper's sole mission has been to create innovative products and

IDEMIA
IDEMIA Group unlocks simpler and safer ways to pay, connect, access, identify, travel and protect public places. With its long-standing expertise in biometrics and cryptography, IDEMIA develops technologies of excellence with an impactful, ethical, and socially responsible approach. Every day, IDEMI

Adobe
Adobe is the global leader in digital media and digital marketing solutions. Our creative, marketing and document solutions empower everyone, from emerging artists to global brands, to bring digital creations to life and deliver immersive, compelling experiences to the right person at the right mo

HubSpot
HubSpot is a leading CRM platform that provides software and support to help businesses grow better. Our platform includes marketing, sales, service, and website management products that start free and scale to meet our customers' needs at any stage of growth. Today, thousands of customers around th

Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SUSE CyberSecurity History Information
How many cyber incidents has SUSE faced?
Total Incidents: According to Rankiteo, SUSE has faced 2 incidents in the past.
What types of cybersecurity incidents have occurred at SUSE?
Incident Types: The types of cybersecurity incidents that have occurred are Vulnerability and Breach.
How does SUSE detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through containment measures (Network segmentation, Access controls review, Forced password reset), remediation measures (Immediate patching, Version audits), network segmentation, enhanced monitoring, and a communication strategy of Customer notification.
Incident Details
Can you provide details on each incident?

Incident : Vulnerability Exploitation
Title: Critical Vulnerability in SUSE Manager (CVE-2025-46811)
Description: A newly disclosed critical security vulnerability in SUSE Manager poses severe risks to enterprise infrastructure, allowing unauthenticated attackers to execute arbitrary commands with root privileges.
Type: Vulnerability Exploitation
Attack Vector: Network Accessible (AV:N), Low Attack Complexity (AC:L), No Required Privileges (PR:N)
Vulnerability Exploited: CVE-2025-46811

Incident : Password Reuse Attack
Title: Password Reuse Attack on Carbonite
Description: Carbonite, a provider of online computer and server backup services, suffered a password reuse attack in which some users' credentials, obtained elsewhere, were used to obtain user data. The company notified its more than 1.5 million individual and small business customers and forced them to password reset. The attack was a result of a third-party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked.
Type: Password Reuse Attack
Attack Vector: Compromised Credentials
Vulnerability Exploited: Password Reuse
Threat Actor: Third-party attacker
Motivation: Data Theft
What are the most common types of attacks the company has faced?
Common Attack Types: The most common type of attack the company has faced is Breach.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Websocket endpoint: /rhn/websocket/minion/remote-commands.
Impact of the Incidents
What was the impact of each incident?

Incident : Vulnerability Exploitation SUS629073125
Systems Affected: Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1, SLES15-SP4-Manager-Server-4-3-BYOS (all variants), SLES15-SP4-Manager-Server-4-3-BYOS-Azure, SLES15-SP4-Manager-Server-4-3-BYOS-EC2, SLES15-SP4-Manager-Server-4-3-BYOS-GCE, SUSE Manager Server Module 4.3

Incident : Password Reuse Attack CAR1914123
Data Compromised: User Data
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are User Credentials.
Which entities were affected by each incident?

Incident : Password Reuse Attack CAR1914123
Entity Type: Service Provider
Industry: Technology
Size: More than 1.5 million customers
Customers Affected: 1.5 million
Response to the Incidents
What measures were taken in response to each incident?

Incident : Vulnerability Exploitation SUS629073125
Containment Measures: Network segmentation, Access controls review
Remediation Measures: Immediate patching, Version audits
Network Segmentation: True
Enhanced Monitoring: True

Incident : Password Reuse Attack CAR1914123
Containment Measures: Forced password reset
Communication Strategy: Customer notification
Data Breach Information
What type of data was compromised in each breach?

Incident : Password Reuse Attack CAR1914123
Type of Data Compromised: User Credentials
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Immediate patching, Version audits.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through Network segmentation, Access controls review and Forced password reset.
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents?

Incident : Vulnerability Exploitation SUS629073125
Recommendations: Prioritize immediate patching, Monitor for suspicious activity
What recommendations has the company implemented to improve cybersecurity?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Prioritize immediate patching, Monitor for suspicious activity.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Customer notification.
Initial Access Broker
How did the initial access broker gain entry for each incident?

Incident : Vulnerability Exploitation SUS629073125
Entry Point: Websocket endpoint: /rhn/websocket/minion/remote-commands
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?

Incident : Vulnerability Exploitation SUS629073125
Root Causes: Missing Authentication for Critical Function (CWE-306)

Incident : Password Reuse Attack CAR1914123
Root Causes: Password Reuse
Corrective Actions: Forced password reset
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Forced password reset.
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident was a Third-party attacker.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident was User Data.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant systems affected in an incident were Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1, SLES15-SP4-Manager-Server-4-3-BYOS (all variants), SLES15-SP4-Manager-Server-4-3-BYOS-Azure, SLES15-SP4-Manager-Server-4-3-BYOS-EC2, SLES15-SP4-Manager-Server-4-3-BYOS-GCE, SUSE Manager Server Module 4.3.
Response to the Incidents
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Network segmentation, Access controls review and Forced password reset.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was User Data.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity?
Most Significant Recommendation Implemented: The most significant recommendations implemented to improve cybersecurity were Prioritize immediate patching and Monitor for suspicious activity.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker was a Websocket endpoint: /rhn/websocket/minion/remote-commands.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis?
Most Significant Root Cause: The most significant root causes identified in post-incident analysis were Missing Authentication for Critical Function (CWE-306) and Password Reuse.
What was the most significant corrective action taken based on post-incident analysis?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Forced password reset.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
