Avtech Capital
Company Details
Linkedin ID:
avtech-capital
Website:
Employees number:
75
Number of followers:
1,068
NAICS:
52
Industry Type:
Homepage:
avtechcapital.com
IP Addresses:
12
Company ID:
AVT_4802904
Scan Status:
Completed
Avtech Capital Company CyberSecurity Posture
avtechcapital.com
Avtech Capital is a national equipment finance and leasing company located among the beautiful mountains of the Intermountain West. From its headquarters in the greater Salt Lake City area, Avtech Capital puts its experience and expertise to work in providing flexible, tailored equipment financing solutions to a diverse customer base throughout the United States. Avtech Capital funds commercial equipment leases for equipment in nearly every industry, including healthcare, manufacturing, aircraft, technology, software, energy, construction, mining, and transportation, as well as specialized and non-traditional equipment. We deliver results. If you have equipment financing needs, we have a solution for you. Review the deal summaries on this site to see how we work hard to serve our customers’ critical equipment needs and the broad scope of financing services we provide, the many industries we serve and the diverse equipment types we handle. Through the establishment of a private securitization facility, Avtech Capital collaborates closely with Sun Life Financial, Inc. (TSX: SLF, NYSE: SLF), one of the global leaders in financial services, and Securcor Inc., a Toronto-based financial services provider. This collaboration draws on Avtech Capital’s equipment financing expertise and Sun Life’s capital resources to deliver effective financing solutions for customers’ critical equipment needs across a wide credit spectrum. Avtech Capital is a proud member of the Equipment Leasing and Finance Association (ELFA), the National Equipment Finance Association (NEFA), and the American Association of Commercial Finance Brokers (AACFB). Avtech Capital is a member of Avtech Financial Group, an association of companies that provide a range of financing and servicing solutions to clients throughout the United States.
Avtech Capital A.I CyberSecurity Scoring
Avtech Capital Risk Score (AI oriented)Between 750 and 799
Avtech Capital
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Avtech Capital Global Score (TPRM)XXXX
Avtech Capital
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Avtech Capital Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
AVTECH
Vulnerability
Rankiteo Explanation
Attack which create outage
Description: The Corona Mirai botnet targeted AVTECH by exploiting a zero-day vulnerability (CVE-2024-7029) in AVTECH CCTV cameras, allowing remote code execution through command injection in the device brightness function. The attack, which remains unpatched, was part of a broader campaign leveraging multiple known vulnerabilities to spread Mirai malware variants. A potential impact includes the malicious operation of infected CCTV networks, disruption of surveillance capabilities, and potential leverage for further network intrusion, compromising the security posture of affected organizations. The exact extent of the damage is unclear, but it presents a critical security risk with the potential for further escalation.
Avtech Capital Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Avtech Capital
Incidents vs Financial Services Industry Average (This Year)
No incidents recorded for Avtech Capital in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Avtech Capital in 2025.
Incident Types Avtech Capital vs Financial Services Industry Avg (This Year)
No incidents recorded for Avtech Capital in 2025.
Incident History — Avtech Capital (X = Date, Y = Severity)
Avtech Capital cyber incidents detection timeline including parent company and subsidiaries
Avtech Capital Company Subsidiaries
Avtech Capital is a national equipment finance and leasing company located among the beautiful mountains of the Intermountain West. From its headquarters in the greater Salt Lake City area, Avtech Capital puts its experience and expertise to work in providing flexible, tailored equipment financing solutions to a diverse customer base throughout the United States. Avtech Capital funds commercial equipment leases for equipment in nearly every industry, including healthcare, manufacturing, aircraft, technology, software, energy, construction, mining, and transportation, as well as specialized and non-traditional equipment. We deliver results. If you have equipment financing needs, we have a solution for you. Review the deal summaries on this site to see how we work hard to serve our customers’ critical equipment needs and the broad scope of financing services we provide, the many industries we serve and the diverse equipment types we handle. Through the establishment of a private securitization facility, Avtech Capital collaborates closely with Sun Life Financial, Inc. (TSX: SLF, NYSE: SLF), one of the global leaders in financial services, and Securcor Inc., a Toronto-based financial services provider. This collaboration draws on Avtech Capital’s equipment financing expertise and Sun Life’s capital resources to deliver effective financing solutions for customers’ critical equipment needs across a wide credit spectrum. Avtech Capital is a proud member of the Equipment Leasing and Finance Association (ELFA), the National Equipment Finance Association (NEFA), and the American Association of Commercial Finance Brokers (AACFB). Avtech Capital is a member of Avtech Financial Group, an association of companies that provide a range of financing and servicing solutions to clients throughout the United States.
Loading...
Avtech Capital Similar Companies
Westpac Group
From rescue helicopters to signing the Equator Principles, from paying super during parental leave to adding 'Touch ID' biometric technology to our banking apps and being first on the scene with a helping hand in times of crisis... we have a proud history of stepping up to be first for our customer
First American Financial Corporation is a premier provider of title, settlement and risk solutions for real estate transactions. With its combination of financial strength and stability built over more than 130 years, innovative proprietary technologies, and unmatched data assets, the company is lea
Shriram Finance Limited
Shriram Finance is the country’s biggest retail NBFC offering credit solutions for commercial vehicles, two-wheeler loans, car loans, home loans, gold loans, personal and small business loans. We are part of the 50-year-old Shriram Group, a financial conglomerate that has emerged as a trusted partne
Bajaj Finserv
Founded in April 2007, Bajaj Finserv is the financial arm of the Bajaj group. We believe in a simple philosophy to never settle for good and go for great. This reflects in our extensive product portfolio that spans across 3 broad categories- lending, insurance and wealth advisory. With 24 products s
Pru Life UK
With 26 years of operations in the Philippines, we have the largest agency force of more than 39,000 licensed financial advisers ready to listen, understand and deliver. We are an innovative force in the life insurance industry who pioneered investment-linked or unit-linked insurance in the Philippi
S&P Global provides governments, businesses, and individuals with market data, expertise, and technology solutions for confident decision-making. Our services span from global energy solutions to sustainable finance solutions. From helping our customers perform investment analysis to guiding them th
BDO is a full-service universal bank in the Philippines. It provides a complete array of industry-leading products and services including Lending (corporate and consumer), Deposit-taking, Foreign Exchange, Brokering, Trust and Investments, Credit Cards, Corporate Cash Management, and Remittances in
Aditya Birla Capital Ltd is a financial services company based out of One World Center, Tower 1, 18th Floor, Jupiter Mills Compound, 841, Senapati Bapat Marg, Elphinstone Road, MUMBAI, India. - Aditya Birla Capital is committed to provide equal opportunity to all in employment and prohibits discrim
Morgan Stanley
Morgan Stanley (NYSE: MS) is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in 42 countries, our firm's employees serve clients worldwide including corporations, governments, instit
.png)
Avtech Capital CyberSecurity News
December 02, 2025 12:40 PM
Survey: cybersecurity in the power industry
Cybersecurity in the power industry has become more important than ever as the sector navigates rising geopolitical tensions,...
December 02, 2025 12:14 PM
Span Cyber Security Arena 2026 to offer new perspectives on the development of cybersecurity
Cyber Security Arena 2026 conference gathers global experts to share insights on cybersecurity and legal frameworks for resilience.
December 02, 2025 12:09 PM
AI Adoption Surges While Governance Lags — Report Warns of Growing Shadow Identity Risk
AI is evolving at a rapid pace, and the uptake of Generative AI (GenAI) is revolutionising the way humans interact and leverage this...
December 02, 2025 11:41 AM
Survey: cybersecurity in the power industry
Take a quick survey evaluating the state of cybersecurity in the power industry and what's needed to strengthen resilience to cyberattacks.
December 02, 2025 11:30 AM
Is your Retail Cybersecurity Ready for the Season's Surge?
Cyberattacks and identity blind spots turn the Golden Quarter into a high‑stakes test of resilience, where one compromised login can derail...
December 02, 2025 11:24 AM
AI Takes Center Stage as the Major Threat to Cybersecurity in 2026
COSTA MESA, Calif.–(BUSINESS WIRE)–Dec 2, 2025–. Experian® today released its 2026 Data Breach Industry Forecast, offering a look at the evolving cyber...
December 02, 2025 11:00 AM
Cybersecurity News: India orders web safety app, arrests over IP camera snooping, Albiriox shows up on dark web
The Indian government has ordered smartphone makers to pre-install its state-owned cybersecurity app, Sanchar Saathi, on all new devices...
December 02, 2025 10:50 AM
Semiconductor Manufacturing Cybersecurity Market Outlook
Press release - Insightace Analytic Pvt Ltd. - Semiconductor Manufacturing Cybersecurity Market Outlook Supported by Government Regulations...
December 02, 2025 10:23 AM
FCC Issues Cybersecurity Warning After Houston Barix Hack
After Houston's ESPN 97.5 signal was hacked mid-game, the FCC urged stations nationwide to strengthen cybersecurity and monitor EAS devices.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Avtech Capital CyberSecurity History Information
Official Website of Avtech Capital
The official website of Avtech Capital is https://avtechcapital.com.
Avtech Capital’s AI-Generated Cybersecurity Score
According to Rankiteo, Avtech Capital’s AI-generated cybersecurity score is 752, reflecting their Fair security posture.
How many security badges does Avtech Capital’ have ?
According to Rankiteo, Avtech Capital currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Avtech Capital have SOC 2 Type 1 certification ?
According to Rankiteo, Avtech Capital is not certified under SOC 2 Type 1.
Does Avtech Capital have SOC 2 Type 2 certification ?
According to Rankiteo, Avtech Capital does not hold a SOC 2 Type 2 certification.
Does Avtech Capital comply with GDPR ?
According to Rankiteo, Avtech Capital is not listed as GDPR compliant.
Does Avtech Capital have PCI DSS certification ?
According to Rankiteo, Avtech Capital does not currently maintain PCI DSS compliance.
Does Avtech Capital comply with HIPAA ?
According to Rankiteo, Avtech Capital is not compliant with HIPAA regulations.
Does Avtech Capital have ISO 27001 certification ?
According to Rankiteo,Avtech Capital is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Avtech Capital
Avtech Capital operates primarily in the Financial Services industry.
Number of Employees at Avtech Capital
Avtech Capital employs approximately 75 people worldwide.
Subsidiaries Owned by Avtech Capital
Avtech Capital presently has no subsidiaries across any sectors.
Avtech Capital’s LinkedIn Followers
Avtech Capital’s official LinkedIn profile has approximately 1,068 followers.
NAICS Classification of Avtech Capital
Avtech Capital is classified under the NAICS code 52, which corresponds to Finance and Insurance.
Avtech Capital’s Presence on Crunchbase
Yes, Avtech Capital has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/avtech-capital.
Avtech Capital’s Presence on LinkedIn
Yes, Avtech Capital maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/avtech-capital.
Cybersecurity Incidents Involving Avtech Capital
As of December 02, 2025, Rankiteo reports that Avtech Capital has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Avtech Capital has an estimated 29,710 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Avtech Capital ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.
Incident Details
Can you provide details on each incident ?
Title: Corona Mirai Botnet Exploit on AVTECH CCTV Cameras
Description: The Corona Mirai botnet targeted AVTECH by exploiting a zero-day vulnerability (CVE-2024-7029) in AVTECH CCTV cameras, allowing remote code execution through command injection in the device brightness function. The attack, which remains unpatched, was part of a broader campaign leveraging multiple known vulnerabilities to spread Mirai malware variants. A potential impact includes the malicious operation of infected CCTV networks, disruption of surveillance capabilities, and potential leverage for further network intrusion, compromising the security posture of affected organizations. The exact extent of the damage is unclear, but it presents a critical security risk with the potential for further escalation.
Type: Botnet
Attack Vector: Remote Code Execution
Vulnerability Exploited: CVE-2024-7029
Threat Actor: Corona Mirai Botnet
Motivation: Spread Mirai malware variants
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through CCTV cameras.
Impact of the Incidents
What was the impact of each incident ?
Incident : Botnet AVT000083024
Systems Affected: CCTV networks
Operational Impact: Disruption of surveillance capabilities
Which entities were affected by each incident ?
Incident : Botnet AVT000083024
Entity Name: AVTECH
Entity Type: Company
Industry: Surveillance Technology
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Botnet AVT000083024
Entry Point: CCTV cameras
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Botnet AVT000083024
Root Causes: Zero-day vulnerability (CVE-2024-7029) in AVTECH CCTV cameras
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Corona Mirai Botnet.
Impact of the Incidents
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an CCTV cameras.
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=avtech-capital' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
