CHC is a full-service digital network engineering firm that delivers solutions including fielding, engineering design, permitting, project management, and process development. We are building tomorrow, together.
Performance to succeed today. Technology to lead tomorrow. Epiroc is your partner for mining and infrastructure equipment. We're excited to build on proven expertise and performance with the same people and a bold new drive to make what's good even better. Just like our name ‘Epiroc’ says, we want to be on top of things. Epiroc means “at or on rock,” coming from Greek and Latin roots. It reflects our core business, our proximity to customers and the strength of our partnerships. You can count on us to listen to your needs and respond with leading-edge solutions. You can call on us to keep your equipment running reliably with expert service. And you can choose us with confidence, knowing we are committed to safety, environmental and social responsibility in everything we do. More than a manufacturer, we aim to be a collaborative partner that keeps its promises. We deliver the performance you need to maximize productivity every day — as well as the technology you need to compete in the future.
Security & Compliance Standards Overview
No incidents recorded for CHC Consulting, a Congruex Company in 2025.
No incidents recorded for Epiroc in 2025.
CHC Consulting, a Congruex Company cyber incidents detection timeline including parent company and subsidiaries
Epiroc cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial of service attack via the URL query string.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
