BCPS
Company Details
Linkedin ID:
baltcityschools
Employees number:
8,049
Number of followers:
23,602
NAICS:
6111
Industry Type:
Homepage:
baltimorecityschools.org
IP Addresses:
3
Company ID:
BAL_6847661
Scan Status:
Completed
Baltimore City Public Schools Company CyberSecurity Posture
baltimorecityschools.org
Since 1829, Baltimore City Public Schools prepares its nearly 75,000 students for higher education and a life-sustaining career. We proudly serve our students through 164 schools and programs. Our important work is guided by our strategic plan: Building a Generation: City Schools’ Blueprint for Success and its three focus areas: literacy, student wholeness, and staff leadership. We are Baltimore City and we believe every student can succeed. We invite you to join us in this work. Learn more about our mission and victories by following us here or by visiting baltimorecityschools.org.
Baltimore City Public Schools A.I CyberSecurity Scoring
BCPS Risk Score (AI oriented)Between 600 and 649
BCPS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
BCPS Global Score (TPRM)XXXX
BCPS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
BCPS Company CyberSecurity News & History
Past Incidents
3
Attack Types
1
Baltimore City Public Schools
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: On February 13, 2025, Baltimore City Public Schools experienced a cybersecurity incident affecting certain IT systems. The breach involved names and unspecified data elements of individuals, with the investigation concluding on April 15, 2025. The incident was reported to the Vermont Attorney General's Office on April 29, 2025.
Baltimore City Public Schools
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Baltimore City Public Schools experienced a cybersecurity incident affecting certain IT systems within their network. This breach may have compromised certain documents containing information of current and former employees, volunteers, and contractors as well as a small percentage of students. It is speculated that folders, files, or records containing social security numbers, driver's license numbers, or passport numbers were stolen. Also, possibly exposed were a combination of student data, call logs, absenteeism records, or the maternity status of currently enrolled students. The breach has been linked to the Cloak ransomware operation.
Baltimore City Schools
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Baltimore City Schools suffered a **computer network breach** in February 2024, potentially compromising documents of **current, former, and prospective employees, volunteers, contractors**, and files linked to **less than 1.5% of students (~1,000 out of 75,000)**. The breach triggered an investigation with **law enforcement and external cybersecurity consultants**, leading to immediate actions like **password resets, endpoint detection software deployment, and a forensic audit**. Affected individuals are being notified via mail and offered **complimentary credit monitoring, identity-theft mitigation, and dark-web monitoring**. The district is establishing a **call center** for support and continues assessing the **scope of compromised data**, though specifics remain under review. Operational disruptions were acknowledged, but no evidence of **ransomware, financial fraud, or systemic outages** was reported. The focus remains on **notifying impacted parties** and strengthening defenses against future threats.
BCPS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for BCPS
Incidents vs Primary and Secondary Education Industry Average (This Year)
Baltimore City Public Schools has 110.53% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Baltimore City Public Schools has 156.41% more incidents than the average of all companies with at least one recorded incident.
Incident Types BCPS vs Primary and Secondary Education Industry Avg (This Year)
Baltimore City Public Schools reported 2 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 2 data breaches, compared to industry peers with at least 1 incident.
Incident History — BCPS (X = Date, Y = Severity)
BCPS cyber incidents detection timeline including parent company and subsidiaries
BCPS Company Subsidiaries
Since 1829, Baltimore City Public Schools prepares its nearly 75,000 students for higher education and a life-sustaining career. We proudly serve our students through 164 schools and programs. Our important work is guided by our strategic plan: Building a Generation: City Schools’ Blueprint for Success and its three focus areas: literacy, student wholeness, and staff leadership. We are Baltimore City and we believe every student can succeed. We invite you to join us in this work. Learn more about our mission and victories by following us here or by visiting baltimorecityschools.org.
Loading...
BCPS Similar Companies
Orange County Public Schools
Orange County Public Schools is recognized as one of the top urban school districts in the nation – the 8th largest school district in America (4th in Florida) with 210 traditional schools, approximately 206,000 students and over 24,000 employees. OCPS students enjoy equity and access to a wide v
Montgomery County Public Schools
Montgomery County Public Schools (MCPS), located in Maryland outside of Washington, D.C., is the largest school district in the state. MCPS has 209 schools and serves a diverse population of more than 160,000 students. MCPS offers competitive salaries and benefits, has a nationally recognized prof
Austin Independent School District
Austin ISD is a diverse community of more than 10,000 employees, and we recognize that nothing is more essential to a great education system than innovative, talented, passionate educators. Whether you’re a recent graduate or an experienced professional seeking a new career opportunity, AISD has a
NYC Public Schools
New York City Public Schools (NYCPS) is the largest public school system in the United States, serving approximately 1.1 million students across more than 1,600 schools in all five boroughs. Our schools are powered by over 75,000 teachers and thousands of paraprofessionals, school counselors, social
Charlotte-Mecklenburg Schools
The mission of Charlotte-Mecklenburg Schools is to create an innovative, inclusive, student-centered environment that supports the development of independent learners. The vision of Charlotte-Mecklenburg Schools is to lead the community in educational excellence, inspiring intellectual curiosity, c
Gwinnett County Public Schools
Gwinnett County Public Schools (GCPS), located in the metro Atlanta area, is the largest school system in Georgia and the 11th largest school district in the country, offering education professionals and support staff endless opportunities to SHINE. GCPS is one of the nation’s top urban school dist
Peel District School Board
The Peel District School Board serves more than 156,000 students in kindergarten to grade 12. Operating more than 257 schools in the municipalities of Brampton, Caledon and Mississauga, the Peel board is the largest employer in Peel. At the Peel board, we inspire success, confidence and hope in ea
Toronto District School Board
The Toronto District School Board (TDSB) is the largest and one of the most diverse school boards in Canada, and recognized by Forbes and Statista as one of Canada's Best Employers for Diversity for 2023. We serve more than 239,000 students in 582 schools throughout Toronto, and more than 100,000 li
Prince George's County Public Schools
Prince George's County Public Schools (PGCPS), one of the nation's 25 largest school districts, has 200 schools and centers, more than 133,000 students and 22,000 employees. The school system serves a diverse student population from urban, suburban and rural communities located in the Washington, DC
.png)
BCPS CyberSecurity News
November 12, 2025 08:00 AM
Manassas City Public Schools reopen Wednesday on 2-hour delay after cybersecurity incident
Manassas City Public Schools will reopen Wednesday on a two-hour delay after closing Monday due to a cybersecurity incident.
November 10, 2025 08:00 AM
Manassas City Public Schools closed Monday after cybersecurity incident
Manassas City Public Schools will be closed Monday due to a cybersecurity incident affecting the Virginia school system over the weekend.
November 09, 2025 08:00 AM
Cybersecurity incident causes Manassas City Public Schools to close Monday
Manassas City Public Schools (MCPS) will be closed on Monday, Nov. 10, due to a cybersecurity incident, MCPS Superintendent Dr. Kevin Newman...
November 09, 2025 08:00 AM
Cybersecurity incident causes Manassas City Public Schools to close
The latest videos from DC News Now | DC, Virginia, Maryland News, Weather, Traffic, Sports Live.
October 28, 2025 07:00 AM
Legislative audit puts light on Somerset County Schools purchasing, payments and cybersecurity
BALTIMORE — The Maryland Department of Legislative Services found Somerset County Public Schools had deficiencies in its procurement...
September 02, 2025 07:00 AM
Baltimore City Public Schools to hold community forums for next CEO search
Baltimore City Public Schools' board of commissioners wants to know what the public is looking for in its next CEO.
August 25, 2025 07:00 AM
FOX45: MTA investigating ‘cybersecurity incident’ that could impact back-to-school travel
Maryland Transit Authority officials are investigating a "cybersecurity incident" involving unauthorized access to certain systems.
July 31, 2025 07:00 AM
ADL complaint accuses Baltimore City Public Schools of shrugging off ‘egregious’ antisemitism
The Anti-Defamation League has asked the Trump administration to open a civil-rights investigation into the Baltimore City Public Schools,...
June 16, 2025 07:00 AM
India’s education sector under siege: Check point software reports 8,487 weekly cyberattacks on institutio..
Across industries, Indian organizations saw 3,278 weekly attacks on average, significantly higher than the global average of 1,934
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
BCPS CyberSecurity History Information
Official Website of Baltimore City Public Schools
The official website of Baltimore City Public Schools is http://www.baltimorecityschools.org.
Baltimore City Public Schools’s AI-Generated Cybersecurity Score
According to Rankiteo, Baltimore City Public Schools’s AI-generated cybersecurity score is 628, reflecting their Poor security posture.
How many security badges does Baltimore City Public Schools’ have ?
According to Rankiteo, Baltimore City Public Schools currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Baltimore City Public Schools have SOC 2 Type 1 certification ?
According to Rankiteo, Baltimore City Public Schools is not certified under SOC 2 Type 1.
Does Baltimore City Public Schools have SOC 2 Type 2 certification ?
According to Rankiteo, Baltimore City Public Schools does not hold a SOC 2 Type 2 certification.
Does Baltimore City Public Schools comply with GDPR ?
According to Rankiteo, Baltimore City Public Schools is not listed as GDPR compliant.
Does Baltimore City Public Schools have PCI DSS certification ?
According to Rankiteo, Baltimore City Public Schools does not currently maintain PCI DSS compliance.
Does Baltimore City Public Schools comply with HIPAA ?
According to Rankiteo, Baltimore City Public Schools is not compliant with HIPAA regulations.
Does Baltimore City Public Schools have ISO 27001 certification ?
According to Rankiteo,Baltimore City Public Schools is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Baltimore City Public Schools
Baltimore City Public Schools operates primarily in the Primary and Secondary Education industry.
Number of Employees at Baltimore City Public Schools
Baltimore City Public Schools employs approximately 8,049 people worldwide.
Subsidiaries Owned by Baltimore City Public Schools
Baltimore City Public Schools presently has no subsidiaries across any sectors.
Baltimore City Public Schools’s LinkedIn Followers
Baltimore City Public Schools’s official LinkedIn profile has approximately 23,602 followers.
NAICS Classification of Baltimore City Public Schools
Baltimore City Public Schools is classified under the NAICS code 6111, which corresponds to Elementary and Secondary Schools.
Baltimore City Public Schools’s Presence on Crunchbase
No, Baltimore City Public Schools does not have a profile on Crunchbase.
Baltimore City Public Schools’s Presence on LinkedIn
Yes, Baltimore City Public Schools maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/baltcityschools.
Cybersecurity Incidents Involving Baltimore City Public Schools
As of December 20, 2025, Rankiteo reports that Baltimore City Public Schools has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
Baltimore City Public Schools has an estimated 7,974 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Baltimore City Public Schools ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Baltimore City Public Schools detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with external cybersecurity consultants, and and containment measures with password resets for all users, and remediation measures with installation of endpoint detection and response software, and recovery measures with forensic audit, recovery measures with ongoing procedure assessments, and communication strategy with u.s. mail notifications to affected individuals, communication strategy with website and social media updates, communication strategy with staff notifications, communication strategy with call center for support, and enhanced monitoring with credit monitoring, enhanced monitoring with dark-web monitoring for affected individuals..
Incident Details
Can you provide details on each incident ?
Title: Baltimore City Public Schools Cyber Incident
Description: Baltimore City Public Schools experienced a cybersecurity incident affecting certain IT systems within their network. This breach may have compromised certain documents containing information of current and former employees, volunteers, and contractors as well as a small percentage of students. It is speculated that folders, files, or records containing social security numbers, driver's license numbers, or passport numbers were stolen. Also, possibly exposed were a combination of student data, call logs, absenteeism records, or the maternity status of currently enrolled students. The breach has been linked to the Cloak ransomware operation.
Type: Ransomware
Threat Actor: Cloak ransomware operation
Title: Baltimore City Public Schools Cybersecurity Incident
Description: A cybersecurity incident affecting certain IT systems, involving names and unspecified data elements of individuals.
Date Detected: 2025-02-13
Date Publicly Disclosed: 2025-04-29
Date Resolved: 2025-04-15
Type: Data Breach
Title: Baltimore City Schools Data Breach (February 2024)
Description: Baltimore City Schools suffered a computer network breach in February 2024, potentially compromising documents belonging to current, former, and prospective employees, volunteers, contractors, and fewer than 1.5% of students (~1,000 out of 75,000). The district conducted an investigation with law enforcement and external cybersecurity consultants, implemented password resets, and installed endpoint detection and response software. Affected individuals are being notified via U.S. Mail and offered credit monitoring and identity-theft mitigation services.
Date Detected: 2024-02-01
Date Publicly Disclosed: 2024-04-22
Type: data breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware BAL759042625
Data Compromised: Social security numbers, Driver's license numbers, Passport numbers, Student data, Call logs, Absenteeism records, Maternity status
Systems Affected: Certain IT systems within their network
Incident : Data Breach BAL304072625
Data Compromised: Names, Unspecified data elements
Systems Affected: IT systems
Incident : data breach BAL4203142110625
Data Compromised: Employee records, Volunteer records, Contractor records, Student files (<1.5%)
Systems Affected: computer network
Operational Impact: password resetsendpoint detection software installationforensic audit
Brand Reputation Impact: potential reputational harm due to breach disclosure
Identity Theft Risk: ['potential risk for affected individuals (credit monitoring offered)']
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Social Security Numbers, Driver'S License Numbers, Passport Numbers, Student Data, Call Logs, Absenteeism Records, Maternity Status, , Names, Unspecified Data Elements, , Employee Documents, Volunteer Documents, Contractor Documents, Student-Related Files and .
Which entities were affected by each incident ?
Incident : Ransomware BAL759042625
Entity Name: Baltimore City Public Schools
Entity Type: Educational Institution
Industry: Education
Location: Baltimore, Maryland
Incident : Data Breach BAL304072625
Entity Name: Baltimore City Public Schools
Entity Type: Educational Institution
Industry: Education
Location: Baltimore, MD
Incident : data breach BAL4203142110625
Entity Name: Baltimore City Schools
Entity Type: public school district
Industry: education
Location: Baltimore, Maryland, USA
Size: ~75,000 students + employees/contractors
Customers Affected: ~1,000 students (<1.5%) + unspecified number of employees/volunteers/contractors
Response to the Incidents
What measures were taken in response to each incident ?
Incident : data breach BAL4203142110625
Incident Response Plan Activated: True
Third Party Assistance: External Cybersecurity Consultants.
Containment Measures: password resets for all users
Remediation Measures: installation of endpoint detection and response software
Recovery Measures: forensic auditongoing procedure assessments
Communication Strategy: U.S. Mail notifications to affected individualswebsite and social media updatesstaff notificationscall center for support
Enhanced Monitoring: credit monitoringdark-web monitoring for affected individuals
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through external cybersecurity consultants, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware BAL759042625
Type of Data Compromised: Social security numbers, Driver's license numbers, Passport numbers, Student data, Call logs, Absenteeism records, Maternity status
Sensitivity of Data: High
Personally Identifiable Information: Social Security numbersDriver's license numbersPassport numbers
Incident : Data Breach BAL304072625
Type of Data Compromised: Names, Unspecified data elements
Incident : data breach BAL4203142110625
Type of Data Compromised: Employee documents, Volunteer documents, Contractor documents, Student-related files
Number of Records Exposed: ~1,000 student records + unspecified number of employee/contractor/volunteer records
Sensitivity of Data: personally identifiable information (PII) likely included
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: installation of endpoint detection and response software, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by password resets for all users and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware BAL759042625
Ransomware Strain: Cloak
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through forensic audit, ongoing procedure assessments, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach BAL304072625
Regulatory Notifications: Vermont Attorney General's Office
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : data breach BAL4203142110625
Recommendations: continue assessing procedures to defend against evolving cybersecurity threats, coordinate with law enforcement and external expertscontinue assessing procedures to defend against evolving cybersecurity threats, coordinate with law enforcement and external experts
References
Where can I find more information about each incident ?
Incident : Data Breach BAL304072625
Source: Vermont Attorney General's Office
Date Accessed: 2025-04-29
Incident : data breach BAL4203142110625
Source: Baltimore City Schools Board of School Commissioners Meeting (CEO Comments)
Date Accessed: 2024-04-22
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Vermont Attorney General's OfficeDate Accessed: 2025-04-29, and Source: Baltimore City Schools Board of School Commissioners Meeting (CEO Comments)Date Accessed: 2024-04-22.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach BAL304072625
Investigation Status: Concluded
Incident : data breach BAL4203142110625
Investigation Status: ongoing (forensic audit in progress, precise data elements still being determined)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through U.S. Mail Notifications To Affected Individuals, Website And Social Media Updates, Staff Notifications and Call Center For Support.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : data breach BAL4203142110625
Stakeholder Advisories: Notifications To Affected Individuals Via U.S. Mail, General Information Posted On Website And Social Channels, Staff Notifications.
Customer Advisories: credit monitoring and identity-theft mitigation services offeredcall center established for enrollment support
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Notifications To Affected Individuals Via U.S. Mail, General Information Posted On Website And Social Channels, Staff Notifications, Credit Monitoring And Identity-Theft Mitigation Services Offered, Call Center Established For Enrollment Support and .
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : data breach BAL4203142110625
Corrective Actions: Password Resets, Endpoint Detection And Response Software Installation, Forensic Audit, Ongoing Procedure Assessments,
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as External Cybersecurity Consultants, , Credit Monitoring, Dark-Web Monitoring For Affected Individuals, .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Password Resets, Endpoint Detection And Response Software Installation, Forensic Audit, Ongoing Procedure Assessments, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Cloak ransomware operation.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-02-13.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-04-22.
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on 2025-04-15.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Social Security numbers, Driver's license numbers, Passport numbers, Student data, Call logs, Absenteeism records, Maternity status, , names, unspecified data elements, , employee records, volunteer records, contractor records, student files (<1.5%) and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was computer network.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was external cybersecurity consultants, .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was password resets for all users.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Social Security numbers, contractor records, Passport numbers, Maternity status, Absenteeism records, volunteer records, student files (<1.5%), Call logs, employee records, Student data, unspecified data elements, names and Driver's license numbers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.0K.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was continue assessing procedures to defend against evolving cybersecurity threats and coordinate with law enforcement and external experts.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Vermont Attorney General's Office and Baltimore City Schools Board of School Commissioners Meeting (CEO Comments).
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Concluded.
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was notifications to affected individuals via U.S. Mail, general information posted on website and social channels, staff notifications, .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an credit monitoring and identity-theft mitigation services offeredcall center established for enrollment support.
.png)
Latest Global CVEs (Not Company-Specific)
Description
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
- https://github.com/n8n-io/n8n/commit/08f332015153decdda3c37ad4fcb9f7ba13a7c79
- https://github.com/n8n-io/n8n/commit/1c933358acef527ff61466e53268b41a04be1000
- https://github.com/n8n-io/n8n/commit/39a2d1d60edde89674ca96dcbb3eb076ffff6316
- https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp
Description
FastAPI Users allows users to quickly add a registration and authentication system to their FastAPI project. Prior to version 15.0.2, the OAuth login state tokens are completely stateless and carry no per-request entropy or any data that could link them to the session that initiated the OAuth flow. `generate_state_token()` is always called with an empty `state_data` dict, so the resulting JWT only contains the fixed audience claim plus an expiration timestamp. On callback, the library merely checks that the JWT verifies under `state_secret` and is unexpired; there is no attempt to match the state value to the browser that initiated the OAuth request, no correlation cookie, and no server-side cache. Any attacker can hit `/authorize`, capture the server-generated state, finish the upstream OAuth flow with their own provider account, and then trick a victim into loading `.../callback?code=<attacker_code>&state=<attacker_state>`. Because the state JWT is valid for any client for \~1 hour, the victim’s browser will complete the flow. This leads to login CSRF. Depending on the app’s logic, the login CSRF can lead to an account takeover of the victim account or to the victim user getting logged in to the attacker's account. Version 15.0.2 contains a patch for the issue.
Risk Information
cvss3
Base: 5.9
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
References
- https://github.com/fastapi-users/fastapi-users/blob/bcee8c9b884de31decb5d799aead3974a0b5b158/fastapi_users/router/oauth.py#L111
- https://github.com/fastapi-users/fastapi-users/blob/bcee8c9b884de31decb5d799aead3974a0b5b158/fastapi_users/router/oauth.py#L57
- https://github.com/fastapi-users/fastapi-users/commit/7cf413cd766b9cb0ab323ce424ddab2c0d235932
- https://github.com/fastapi-users/fastapi-users/security/advisories/GHSA-5j53-63w8-8625
Description
FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code execution when the application launches.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account takeover by intercepting and using stolen reset tokens.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session hijacking.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=baltcityschools' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
