Aselsan
Company Details
Linkedin ID:
aselsan
Website:
Employees number:
16,729
Number of followers:
1,140,690
NAICS:
336414
Industry Type:
Homepage:
aselsan.com
IP Addresses:
0
Company ID:
ASE_2683908
Scan Status:
In-progress
Aselsan Company CyberSecurity Posture
aselsan.com
ASELSAN is a company of Turkish Armed Forces Foundation, established in 1975 in order to meet the communication needs of the Turkish Armed Forces by national means. Currently 74,20% of the shares are owned by the Foundation whereas the remaining 25,8% runs in İstanbul Borsa stock market. ASELSAN is the largest defense electronics company of Turkey whose capability/product portfolio comprises communication and information technologies, radar and electronic warfare, electro-optics, avionics, unmanned systems, land, naval and weapon systems, air defence and missile systems, command and control systems, transportation, security, traffic, automation and medical systems. Today ASELSAN has become an indigenous products exporting company, investing in international markets through various cooperation models with local partners and listed as one of the top 100 defence companies of the world (Defense News Top 100).
Aselsan A.I CyberSecurity Scoring
Aselsan Risk Score (AI oriented)Between 750 and 799
Aselsan
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Aselsan Global Score (TPRM)XXXX
Aselsan
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Aselsan Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Turkish defense company
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: A sophisticated cyberattack campaign by the advanced persistent threat group, Stealth Falcon, targeted a major Turkish defense company. The attack exploited a previously unknown zero-day vulnerability to execute malware remotely, using a malicious .url file likely distributed via spear-phishing. The attack allowed arbitrary code execution through process hollowing, bypassing traditional defenses. The group deployed 'Horus Agent,' a custom-built implant, and several undisclosed custom tools, focusing on reconnaissance and evading detection. The attack highlights the ongoing threat posed by APT groups targeting critical infrastructure and defense organizations.
Aselsan Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Aselsan
Incidents vs Defense and Space Manufacturing Industry Average (This Year)
Aselsan has 33.33% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Aselsan has 28.21% more incidents than the average of all companies with at least one recorded incident.
Incident Types Aselsan vs Defense and Space Manufacturing Industry Avg (This Year)
Aselsan reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — Aselsan (X = Date, Y = Severity)
Aselsan cyber incidents detection timeline including parent company and subsidiaries
Aselsan Company Subsidiaries
ASELSAN is a company of Turkish Armed Forces Foundation, established in 1975 in order to meet the communication needs of the Turkish Armed Forces by national means. Currently 74,20% of the shares are owned by the Foundation whereas the remaining 25,8% runs in İstanbul Borsa stock market. ASELSAN is the largest defense electronics company of Turkey whose capability/product portfolio comprises communication and information technologies, radar and electronic warfare, electro-optics, avionics, unmanned systems, land, naval and weapon systems, air defence and missile systems, command and control systems, transportation, security, traffic, automation and medical systems. Today ASELSAN has become an indigenous products exporting company, investing in international markets through various cooperation models with local partners and listed as one of the top 100 defence companies of the world (Defense News Top 100).
Loading...
Aselsan Similar Companies
Indian Army
The Indian Army is the largest branch of the Indian Armed Forces and is responsible for land-based military operations. Its primary mission is the National Security and Defense of India from external aggression and threats, and maintaining peace and security within its borders. It also conducts huma
Naval Sea Systems Command (NAVSEA) Careers
We are NAVSEA. The Force Behind the Fleet. Join us and become part of a mission-driven team, at one of the best places to work in the federal government. This NAVSEA LinkedIn page is all about connecting with talented individuals ready to make a difference through a rewarding career with us. We shar
As an integrated technology group, the listed company Rheinmetall AG, headquartered in Düsseldorf, stands for a company that is as strong in substance as it is successful internationally, and that is active in various markets with an innovative range of products and services. Rheinmetall is a leadin
As a leading defence and security company, we offer solutions that range from the depths of the oceans to high in the sky, on land and in cyberspace, to keep people and society safe. Empowered by our 22,000 talented people, we constantly push the boundaries of technology to create a safer, more sus
Sandia National Laboratories is the nation’s premier DOE science and engineering lab for national security and technology innovation. Our team of scientists, engineers, researchers, and business specialists apply their knowledge and skill toward delivering cutting-edge technology in an array of area
Republic of Korea Air Force
The Republic of Korea Air Force (ROKAF; Korean: 대한민국 공군; Hanja: 大韓民國 空軍; Revised Romanization: Daehanminguk Gong-gun), also known as the ROK Air Force, is the aerial warfare service branch of South Korea, operating under the South Korean Ministry of National Defense. The ROKAF has about 450 combat
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion. The Group invests more than €4
Leidos
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health. The company's global workforce of 48,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virg
Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Our people apply undaunted curiosity, relentless ambition and boundles
.png)
Aselsan CyberSecurity News
November 27, 2025 10:38 AM
Powering a revolution: Born out of embargoes, Türkiye’s defence giant Aselsan turns 50
The Turkish company is now among the world's best, developing cutting-edge defence technologies which are exported to nations around the...
November 12, 2025 08:00 AM
Defense & Security 2025: Aselsan highlights Steel Dome progress
Turkey is developing its own air defense system, the Steel Dome, led by Aselsan, focusing on system communication.
September 23, 2025 07:00 AM
Turkey arrests 7 suspects in defense industry espionage case
Seven people, including former customs officials, have been arrested in Turkey on charges of military and commercial espionage after...
September 15, 2025 07:00 AM
Turkey Launches $1.9 Billion “Turkish Iron Dome” Project with ASELSAN
The Turkish government has signed a $1.9 billion contract with defense corporation ASELSAN to develop an advanced air defense system aimed...
August 18, 2025 07:00 AM
SAMI inks deal with US firm Amentum to boost land defense systems, localize spare parts
https://arab.news/2pwdq. Deal marks pivotal milestone in strengthening readiness of Kingdom's land systems; It reinforces SAMI's position as...
August 11, 2025 07:00 AM
APT Sidewinder Hacks into Government and Military Systems to Harvest Login Credentials
APT Sidewinder - A sophisticated cyber espionage campaign attributed to APT Sidewinder has been discovered targeting government.
August 11, 2025 07:00 AM
IDEF 2025 – Aselsan Turan 100 BR-OM, a mobile tactical cloud for warfighters
At the Istanbul exhibition IDEF, Aselsan unveiled the Turan 100 BR-OM, a mobile tactical cloud installed on a utility vehicle.
August 10, 2025 07:00 AM
APT Sidewinder Mimics Government and Military Agencies to Steal Login Credentials
Cybersecurity researchers have uncovered an extensive phishing campaign orchestrated by APT Sidewinder, a persistent threat actor believed.
June 16, 2025 07:00 AM
ASELSAN deepens ties with Indonesia at INDO DEFENCE
ASELSAN, Türkiye's leading defense company, signed five agreements at INDO DEFENCE that will increase its influence in the Indonesian defense ecosystem.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Aselsan CyberSecurity History Information
Official Website of Aselsan
The official website of Aselsan is https://www.aselsan.com/tr.
Aselsan’s AI-Generated Cybersecurity Score
According to Rankiteo, Aselsan’s AI-generated cybersecurity score is 785, reflecting their Fair security posture.
How many security badges does Aselsan’ have ?
According to Rankiteo, Aselsan currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Aselsan have SOC 2 Type 1 certification ?
According to Rankiteo, Aselsan is not certified under SOC 2 Type 1.
Does Aselsan have SOC 2 Type 2 certification ?
According to Rankiteo, Aselsan does not hold a SOC 2 Type 2 certification.
Does Aselsan comply with GDPR ?
According to Rankiteo, Aselsan is not listed as GDPR compliant.
Does Aselsan have PCI DSS certification ?
According to Rankiteo, Aselsan does not currently maintain PCI DSS compliance.
Does Aselsan comply with HIPAA ?
According to Rankiteo, Aselsan is not compliant with HIPAA regulations.
Does Aselsan have ISO 27001 certification ?
According to Rankiteo,Aselsan is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Aselsan
Aselsan operates primarily in the Defense and Space Manufacturing industry.
Number of Employees at Aselsan
Aselsan employs approximately 16,729 people worldwide.
Subsidiaries Owned by Aselsan
Aselsan presently has no subsidiaries across any sectors.
Aselsan’s LinkedIn Followers
Aselsan’s official LinkedIn profile has approximately 1,140,690 followers.
NAICS Classification of Aselsan
Aselsan is classified under the NAICS code 336414, which corresponds to Guided Missile and Space Vehicle Manufacturing.
Aselsan’s Presence on Crunchbase
No, Aselsan does not have a profile on Crunchbase.
Aselsan’s Presence on LinkedIn
Yes, Aselsan maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/aselsan.
Cybersecurity Incidents Involving Aselsan
As of December 20, 2025, Rankiteo reports that Aselsan has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Aselsan has an estimated 2,373 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Aselsan ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Stealth Falcon APT Group Exploits Zero-Day Vulnerability to Target Turkish Defense Company
Description: A sophisticated cyberattack campaign by the advanced persistent threat group, Stealth Falcon, which exploited a previously unknown zero-day vulnerability to target a major Turkish defense company and execute malware remotely.
Type: Advanced Persistent Threat (APT)
Attack Vector: Spear-phishing email with malicious .url file
Vulnerability Exploited: CVE-2025-33053
Threat Actor: Stealth Falcon (FruityArmor)
Motivation: Cyber espionage
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Spear-phishing email.
Impact of the Incidents
What was the impact of each incident ?
Incident : Advanced Persistent Threat (APT) ASE303061025
Systems Affected: Internet Explorer diagnostics utility (iediagcmd.exe)
Which entities were affected by each incident ?
Incident : Advanced Persistent Threat (APT) ASE303061025
Entity Name: Major Turkish defense company
Entity Type: Defense contractor
Industry: Defense
Location: Turkey
References
Where can I find more information about each incident ?
Incident : Advanced Persistent Threat (APT) ASE303061025
Source: Check Point Research
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Check Point Research.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Advanced Persistent Threat (APT) ASE303061025
Entry Point: Spear-phishing email
High Value Targets: Government And Defense Sectors In Turkey, Qatar, Egypt, And Yemen,
Data Sold on Dark Web: Government And Defense Sectors In Turkey, Qatar, Egypt, And Yemen,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Advanced Persistent Threat (APT) ASE303061025
Root Causes: Exploitation of zero-day vulnerability CVE-2025-33053 through a malicious .url file
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Stealth Falcon (FruityArmor).
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Internet Explorer diagnostics utility (iediagcmd.exe).
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Check Point Research.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Spear-phishing email.
.png)
Latest Global CVEs (Not Company-Specific)
Description
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
- https://github.com/n8n-io/n8n/commit/08f332015153decdda3c37ad4fcb9f7ba13a7c79
- https://github.com/n8n-io/n8n/commit/1c933358acef527ff61466e53268b41a04be1000
- https://github.com/n8n-io/n8n/commit/39a2d1d60edde89674ca96dcbb3eb076ffff6316
- https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp
Description
FastAPI Users allows users to quickly add a registration and authentication system to their FastAPI project. Prior to version 15.0.2, the OAuth login state tokens are completely stateless and carry no per-request entropy or any data that could link them to the session that initiated the OAuth flow. `generate_state_token()` is always called with an empty `state_data` dict, so the resulting JWT only contains the fixed audience claim plus an expiration timestamp. On callback, the library merely checks that the JWT verifies under `state_secret` and is unexpired; there is no attempt to match the state value to the browser that initiated the OAuth request, no correlation cookie, and no server-side cache. Any attacker can hit `/authorize`, capture the server-generated state, finish the upstream OAuth flow with their own provider account, and then trick a victim into loading `.../callback?code=<attacker_code>&state=<attacker_state>`. Because the state JWT is valid for any client for \~1 hour, the victim’s browser will complete the flow. This leads to login CSRF. Depending on the app’s logic, the login CSRF can lead to an account takeover of the victim account or to the victim user getting logged in to the attacker's account. Version 15.0.2 contains a patch for the issue.
Risk Information
cvss3
Base: 5.9
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
References
- https://github.com/fastapi-users/fastapi-users/blob/bcee8c9b884de31decb5d799aead3974a0b5b158/fastapi_users/router/oauth.py#L111
- https://github.com/fastapi-users/fastapi-users/blob/bcee8c9b884de31decb5d799aead3974a0b5b158/fastapi_users/router/oauth.py#L57
- https://github.com/fastapi-users/fastapi-users/commit/7cf413cd766b9cb0ab323ce424ddab2c0d235932
- https://github.com/fastapi-users/fastapi-users/security/advisories/GHSA-5j53-63w8-8625
Description
FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code execution when the application launches.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account takeover by intercepting and using stolen reset tokens.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session hijacking.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=aselsan' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
