CMB
Company Details
Linkedin ID:
china-merchants-bank
Website:
Employees number:
13,082
Number of followers:
42,705
NAICS:
52211
Industry Type:
Homepage:
cmbchina.com
IP Addresses:
0
Company ID:
CHI_1094889
Scan Status:
In-progress
China Merchants Bank Company CyberSecurity Posture
cmbchina.com
Established in 1987 in Shenzhen, the forefront of China’s reform and opening-up drive, China Merchants Bank ("CMB") has developed into the most influential commercial bank brand in China thanks to continuous financial innovation, quality customer service, prudent management and strong business performance. For many consecutive years, CMB has been ranked among China’s top commercial banks according to comprehensive assessment by CBRC. The bank has won a number of titles, including the Best Commercial Bank of China, the Best Retail Bank in China, the Best Private Bank in China, China’s Best Custody Specialist from the British Financial Times, Euromoney and The Asset. The Bank was shortlisted as a World-Class Chinese Brand and ranked No. 1 in the P/B list of the world’s top 50 banks with the largest market value by the British Financial Times. It was also listed No.60 among the world's Top 1,000 Banks by The Banker.
China Merchants Bank A.I CyberSecurity Scoring
CMB Risk Score (AI oriented)Between 800 and 849
CMB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CMB Global Score (TPRM)XXXX
CMB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CMB Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
CMB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CMB
Incidents vs Banking Industry Average (This Year)
No incidents recorded for China Merchants Bank in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for China Merchants Bank in 2025.
Incident Types CMB vs Banking Industry Avg (This Year)
No incidents recorded for China Merchants Bank in 2025.
Incident History — CMB (X = Date, Y = Severity)
CMB cyber incidents detection timeline including parent company and subsidiaries
CMB Company Subsidiaries
Established in 1987 in Shenzhen, the forefront of China’s reform and opening-up drive, China Merchants Bank ("CMB") has developed into the most influential commercial bank brand in China thanks to continuous financial innovation, quality customer service, prudent management and strong business performance. For many consecutive years, CMB has been ranked among China’s top commercial banks according to comprehensive assessment by CBRC. The bank has won a number of titles, including the Best Commercial Bank of China, the Best Retail Bank in China, the Best Private Bank in China, China’s Best Custody Specialist from the British Financial Times, Euromoney and The Asset. The Bank was shortlisted as a World-Class Chinese Brand and ranked No. 1 in the P/B list of the world’s top 50 banks with the largest market value by the British Financial Times. It was also listed No.60 among the world's Top 1,000 Banks by The Banker.
Loading...
CMB Similar Companies
AU SMALL FINANCE BANK
The dream started two decades ago by Mr. Sanjay Agarwal, a merit holder Chartered Accountant and a first generation entrepreneur, along with his proficient team. Together, the dexterous team embarked on a journey of excellence while enriching lives along the way. What started off as a dream to be
Russian Standard Bank
Russian Standard Bank - leading private bank in the lending market. Bank sells credit programs in more than 1,200 locations across the country. Number of clients of the bank exceeded 23 millions, the total amount of consumer loans exceeded $30 billions. The number of trading partners of the Bank
Kotak Mahindra Bank
About Kotak Mahindra Group: Established in 1985, the Kotak Mahindra Group is one of India’s leading financial services conglomerates. In February 2003, Kotak Mahindra Finance Ltd. (KMFL), the Group’s flagship company, received a banking license from the Reserve Bank of India (RBI). With this, KMF
Banque Misr
Banque Misr (BM) was established in 1920 by the pioneer economist and financial expert Mohamed Talaat Harb Pasha, who spearheaded the concept of investing in national savings and directing them toward economic and social development. Thus, Banque Misr was established as the first wholly Egyptian-own
PT Bank SMBC Indonesia Tbk
With a renewed vision for growth and innovation, we rebranded as PT Bank SMBC Indonesia Tbk (SMBC Indonesia) in 2024, formerly known as PT Bank BTPN Tbk. This rebranding reflects our response to the dynamic changes, allowing us to consolidate our strengths and deliver even more seamless, integrated
Banco Bci
Porque el mundo que nos rodea se actualiza constantemente, porque tu decides hacer tu vida más simple: para entretenerte, para compartir con tu familia o para moverte por la ciudad. En Bci evolucionamos junto a ti, en este mundo donde todo se transforma una y otra vez, con soluciones que harán tu vi
UBL - United Bank Limited
On 7 November 1959, UBL’s first branch at II Chundrigar Road in Karachi was inaugurated and with it launched a culture of service, innovation and financial excellence in Pakistan. A banking company incorporated in Pakistan and engaged in commercial banking and related services, UBL operates one of t
Founded in 1908 by Maharaja Sir Sayaji Rao Gaekwad III, Bank of Baroda is a top notch Public Sector Bank with a business of around Rs.10 trillion and network of 8100+ branches of which 105 overseas branches / offices are located in 17 countries excluding India spanning across Europe, US, Africa, As
SEB is a leading northern European financial services group with a strong belief that entrepreneurial minds and innovative companies are key in creating a better world. SEB takes a long-term perspective and supports its customers in good times and bad. In Sweden and the Baltic countries, SEB offe
.png)
CMB CyberSecurity News
November 21, 2025 02:45 PM
China Merchants Bank Co., Ltd. Announces Approval of the Commencement of Business of China Merchants Bank Financial Asset Investment Co., Ltd
China Merchants Bank Co., Ltd. has received the Approval from the National Financial Regulatory Administration on Commencement of Business...
October 29, 2025 07:00 AM
China Merchants Bank Q3 net profit up 1.0% Y/Y
China Merchants Bank Co Ltd: Q3 net profit up 1.0% Y/Y ... -October 29, 2025 at 05:51 am EDT - MarketScreener.
October 15, 2025 07:00 AM
BNB Holds Near $1,190 as China Merchants Bank Tokenizes Fund on BNB Chain
BNB Chain and Binance launched initiatives to shore up confidence, including a $45 million airdrop and a $400 million "Together Initiative".
October 13, 2025 07:00 AM
Chinese banks lead in implied share price upside among Asia-Pacific peers
China Merchants Bank had an implied upside of 28.8%. The four Chinese megabanks are among the large Asia-Pacific lenders with the greatest...
September 22, 2025 07:00 AM
Exclusive: China asks brokers to pause real-world asset business in Hong Kong, sources say
China's securities watchdog has advised some local brokerages to pause their real-world asset (RWA) tokenisation business in Hong Kong,...
September 05, 2025 07:00 AM
China Merchant Bank profit rebounds in Q2 on lower costs
Net profit grew 2.7% in Q2 from a 2.1% decline in Q1. China Merchant Bank (CMB) returned to positive earnings growth in Q2 2025 after a...
July 29, 2025 07:00 AM
China Merchants Bank (CIHKY): Company Profile, Stock Price, News, Rankings
Get insights into China Merchants Bank including business profile, stock information, news, and rankings from Fortune.
July 23, 2025 05:49 PM
Banking in China: Powering a Digital Financial Revolution
In 2025, China's banking sector is a global titan, valued at $4.5 trillion and leading the world in digital finance, per a 2024 PwC report.
July 10, 2025 07:00 AM
Private Capital Awards 2025: Meeting evolving client needs
Asia's private banking and wealth management sector has maintained its rapid growth, especially in China and India, fuelling intense...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CMB CyberSecurity History Information
Official Website of China Merchants Bank
The official website of China Merchants Bank is http://www.cmbchina.com.
China Merchants Bank’s AI-Generated Cybersecurity Score
According to Rankiteo, China Merchants Bank’s AI-generated cybersecurity score is 831, reflecting their Good security posture.
How many security badges does China Merchants Bank’ have ?
According to Rankiteo, China Merchants Bank currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does China Merchants Bank have SOC 2 Type 1 certification ?
According to Rankiteo, China Merchants Bank is not certified under SOC 2 Type 1.
Does China Merchants Bank have SOC 2 Type 2 certification ?
According to Rankiteo, China Merchants Bank does not hold a SOC 2 Type 2 certification.
Does China Merchants Bank comply with GDPR ?
According to Rankiteo, China Merchants Bank is not listed as GDPR compliant.
Does China Merchants Bank have PCI DSS certification ?
According to Rankiteo, China Merchants Bank does not currently maintain PCI DSS compliance.
Does China Merchants Bank comply with HIPAA ?
According to Rankiteo, China Merchants Bank is not compliant with HIPAA regulations.
Does China Merchants Bank have ISO 27001 certification ?
According to Rankiteo,China Merchants Bank is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of China Merchants Bank
China Merchants Bank operates primarily in the Banking industry.
Number of Employees at China Merchants Bank
China Merchants Bank employs approximately 13,082 people worldwide.
Subsidiaries Owned by China Merchants Bank
China Merchants Bank presently has no subsidiaries across any sectors.
China Merchants Bank’s LinkedIn Followers
China Merchants Bank’s official LinkedIn profile has approximately 42,705 followers.
NAICS Classification of China Merchants Bank
China Merchants Bank is classified under the NAICS code 52211, which corresponds to Commercial Banking.
China Merchants Bank’s Presence on Crunchbase
No, China Merchants Bank does not have a profile on Crunchbase.
China Merchants Bank’s Presence on LinkedIn
Yes, China Merchants Bank maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/china-merchants-bank.
Cybersecurity Incidents Involving China Merchants Bank
As of November 27, 2025, Rankiteo reports that China Merchants Bank has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
China Merchants Bank has an estimated 6,707 peer or competitor companies worldwide.
China Merchants Bank CyberSecurity History Information
How many cyber incidents has China Merchants Bank faced ?
Total Incidents: According to Rankiteo, China Merchants Bank has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at China Merchants Bank ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=china-merchants-bank' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
