CYPCL
Company Details
Linkedin ID:
china-yangtze-power-co-ltd-
Website:
Employees number:
113
Number of followers:
335
NAICS:
335
Industry Type:
Homepage:
cypc.com.cn
IP Addresses:
0
Company ID:
CHI_1146267
Scan Status:
In-progress
China Yangtze Power Co., Ltd. Company CyberSecurity Posture
cypc.com.cn
China Yangtze Power is a electrical and electronic manufacturing company based out of BEIJING, BEJ, China.
China Yangtze Power Co., Ltd. A.I CyberSecurity Scoring
CYPCL Risk Score (AI oriented)Between 800 and 849
CYPCL
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CYPCL Global Score (TPRM)XXXX
CYPCL
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CYPCL Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
CYPCL Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CYPCL
Incidents vs Appliances, Electrical, and Electronics Manufacturing Industry Average (This Year)
No incidents recorded for China Yangtze Power Co., Ltd. in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for China Yangtze Power Co., Ltd. in 2025.
Incident Types CYPCL vs Appliances, Electrical, and Electronics Manufacturing Industry Avg (This Year)
No incidents recorded for China Yangtze Power Co., Ltd. in 2025.
Incident History — CYPCL (X = Date, Y = Severity)
CYPCL cyber incidents detection timeline including parent company and subsidiaries
CYPCL Company Subsidiaries
China Yangtze Power is a electrical and electronic manufacturing company based out of BEIJING, BEJ, China.
Loading...
CYPCL Similar Companies
Bharat Heavy Electricals Limited
Established in 1964, BHEL is one of India's largest engineering and manufacturing enterprises in the energy and infrastructure sectors, and a leading power equipment manufacturer globally. BHEL serves the core sectors of the economy and provides a comprehensive portfolio of products, systems and ser
Panasonic North America
Panasonic is a leading technology provider of electric batteries and consumer lifestyle technologies, as well as innovative smart mobility, sustainable energy, and integrated supply chain solutions. Throughout Panasonic’s 100-year history, one of our guiding principles has always been to contribu
Honeywell is a Fortune 500 company that invents and manufactures technologies to address tough challenges linked to global macrotrends such as safety, security, and energy. With approximately 110,000 employees worldwide, including more than 19,000 engineers and scientists, we have an unrelenting foc
Gree Electric Appliances, Inc. of Zhuhai
Gree Electric Appliances, Inc. of Zhuhai is a diversified international industrial group, whose business covers residential air conditioners, central air conditioners, intelligent equipments, home appliances, air source water heaters, smart phones, refrigerators, etc. Gree was founded in 1991. It t
Tianma Microelectronics
Tianma Micro-electronics Co., Ltd (Tianma) specializes in providing display solutions and efficient support services worldwide. We were originally established in 1983 and publicly listed on the Shenzhen Stock Exchange (SZ. 000050) in 1995. Our company is committed to providing leading technology
Midea Group
Midea Group aspires to the vision of “Bringing Great Innovations to Life”, upholding the Founders’ philosophy of creating a better life through technology. Midea Group has evolved into a global leading technology company specializing in five major business areas: Smart Home Business, Industrial and
We’re the manufacturing partner of choice that helps a diverse customer base design and build products that improve the world. We love to hear your thoughts, comments and ideas so feel free to like, share and comment away. Any question or opinion is good to go as long as it is respectful and falls
Mettler-Toledo International, Inc
At METTLER TOLEDO, our mission is to empower industries worldwide with precision instruments and services that drive progress toward a better and more #sustainable future. Our teams operate at the forefront of #innovation, delivering cutting-edge instruments to a diverse range of industries, from #L
Established in 1984, Haier Group is a world-leading provider of solutions to better life. Focusing on user experience, Haier has been included on the list of BrandZ™ Top 100 Most Valuable Global Brands for two consecutive years as the world’s first and only IoT ecosystem brand. Haier has topped Glob
.png)
CYPCL CyberSecurity News
December 15, 2022 08:00 AM
Chinese companies added to U.S. entity list
The Biden administration on Thursday added Chinese memory chipmaker YMTC and 21 "major" Chinese players in the artificial intelligence chip...
July 01, 2022 07:00 AM
Power Plants in Three Gorges Sold to China Yangtze For $12bn
China Yangtze Power, in a filing to the Shanghai Stock Exchange, said it would buy Three Gorges Jinshajiang Yunchuan Hydropower, the company that owns the...
June 30, 2022 07:00 AM
China Yangtze Power to buy two hydropower stations for $12 bln
China Yangtze Power Co Ltd , the world's largest listed hydropower company by capacity, plans to buy two large hydropower stations for a...
December 01, 2012 08:00 AM
TOP PLANT: Three Gorges Dam, Yangtze River, Hubei Province, China
Owner/operator: China Yangtze Power Co., Ltd. After nine years of construction, installation, and testing, the Three Gorges Dam is now...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CYPCL CyberSecurity History Information
Official Website of China Yangtze Power Co., Ltd.
The official website of China Yangtze Power Co., Ltd. is http://www.cypc.com.cn.
China Yangtze Power Co., Ltd.’s AI-Generated Cybersecurity Score
According to Rankiteo, China Yangtze Power Co., Ltd.’s AI-generated cybersecurity score is 818, reflecting their Good security posture.
How many security badges does China Yangtze Power Co., Ltd.’ have ?
According to Rankiteo, China Yangtze Power Co., Ltd. currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does China Yangtze Power Co., Ltd. have SOC 2 Type 1 certification ?
According to Rankiteo, China Yangtze Power Co., Ltd. is not certified under SOC 2 Type 1.
Does China Yangtze Power Co., Ltd. have SOC 2 Type 2 certification ?
According to Rankiteo, China Yangtze Power Co., Ltd. does not hold a SOC 2 Type 2 certification.
Does China Yangtze Power Co., Ltd. comply with GDPR ?
According to Rankiteo, China Yangtze Power Co., Ltd. is not listed as GDPR compliant.
Does China Yangtze Power Co., Ltd. have PCI DSS certification ?
According to Rankiteo, China Yangtze Power Co., Ltd. does not currently maintain PCI DSS compliance.
Does China Yangtze Power Co., Ltd. comply with HIPAA ?
According to Rankiteo, China Yangtze Power Co., Ltd. is not compliant with HIPAA regulations.
Does China Yangtze Power Co., Ltd. have ISO 27001 certification ?
According to Rankiteo,China Yangtze Power Co., Ltd. is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of China Yangtze Power Co., Ltd.
China Yangtze Power Co., Ltd. operates primarily in the Appliances, Electrical, and Electronics Manufacturing industry.
Number of Employees at China Yangtze Power Co., Ltd.
China Yangtze Power Co., Ltd. employs approximately 113 people worldwide.
Subsidiaries Owned by China Yangtze Power Co., Ltd.
China Yangtze Power Co., Ltd. presently has no subsidiaries across any sectors.
China Yangtze Power Co., Ltd.’s LinkedIn Followers
China Yangtze Power Co., Ltd.’s official LinkedIn profile has approximately 335 followers.
NAICS Classification of China Yangtze Power Co., Ltd.
China Yangtze Power Co., Ltd. is classified under the NAICS code 335, which corresponds to Electrical Equipment, Appliance, and Component Manufacturing.
China Yangtze Power Co., Ltd.’s Presence on Crunchbase
No, China Yangtze Power Co., Ltd. does not have a profile on Crunchbase.
China Yangtze Power Co., Ltd.’s Presence on LinkedIn
Yes, China Yangtze Power Co., Ltd. maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/china-yangtze-power-co-ltd-.
Cybersecurity Incidents Involving China Yangtze Power Co., Ltd.
As of November 27, 2025, Rankiteo reports that China Yangtze Power Co., Ltd. has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
China Yangtze Power Co., Ltd. has an estimated 9,139 peer or competitor companies worldwide.
China Yangtze Power Co., Ltd. CyberSecurity History Information
How many cyber incidents has China Yangtze Power Co., Ltd. faced ?
Total Incidents: According to Rankiteo, China Yangtze Power Co., Ltd. has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at China Yangtze Power Co., Ltd. ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=china-yangtze-power-co-ltd-' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
