What is the official website of Cisco Service Provider ?

The official website of Cisco Service Provider is https://http://cs.co/SP.

What is Cisco Service Provider's cybersecurity risk score?

Cisco Service Provider has an AI-generated cybersecurity risk score of 748 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Cisco Service Provider experienced?

According to Rankiteo, Cisco Service Provider currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Cisco Service Provider been affected by any supply chain cyber incidents ?

According to Rankiteo, Cisco Service Provider has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Microsoft Security (Incident ID: PUTWEBANYMIC1779215753) GitHub (Incident ID: GIT1779251025) Prime Communications MX (Incident ID: PRICIS1776775110) Aqua Security (Incident ID: AQUUSEAMASALCIS1775046662) Legit Security (Incident ID: AQU1774441468) Tecplix Technologies Private Limited (Incident ID: BAD1772389516) Cisco (Incident ID: CISSAI1773859283) Cisco (Incident ID: CIS1766051696) SmarterTools (Incident ID: SHI1766477260) SolarWinds (Incident ID: SOLSONCIS1776457498) OpenClaw (Incident ID: TP-HIKFOXGOOREVARITHEOPECIS1770645410) Cisco (Incident ID: KET5232452102025) Cisco (Incident ID: CIS5802058092725) Cisco (Incident ID: SAL5732257091825) Cisco (Incident ID: US-1776976007) Fortinet (Incident ID: FORCISAMAJPM1767748297) Veeam Software (Incident ID: SON0492204092925) Veeam Software (Incident ID: VEESONCIS1775140482)

Does Cisco Service Provider have SOC 2 Type 1 certification ?

According to Rankiteo, Cisco Service Provider is not certified under SOC 2 Type 1.

Does Cisco Service Provider have SOC 2 Type 2 certification ?

According to Rankiteo, Cisco Service Provider does not hold a SOC 2 Type 2 certification.

Does Cisco Service Provider comply with GDPR ?

According to Rankiteo, Cisco Service Provider is not listed as GDPR compliant.

Does Cisco Service Provider have PCI DSS certification ?

According to Rankiteo, Cisco Service Provider does not currently maintain PCI DSS compliance.

Does Cisco Service Provider comply with HIPAA ?

According to Rankiteo, Cisco Service Provider is not compliant with HIPAA regulations.

Does Cisco Service Provider have ISO 27001 certification ?

According to Rankiteo,Cisco Service Provider is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Cisco Service Provider operate in ?

Cisco Service Provider operates primarily in the IT Services and IT Consulting industry.

How many employees does Cisco Service Provider have ?

Cisco Service Provider employs approximately 1 people worldwide.

Does Cisco Service Provider own any subsidiaries ?

Cisco Service Provider presently has no subsidiaries across any sectors.

How many LinkedIn followers does Cisco Service Provider have ?

Cisco Service Provider's official LinkedIn profile has approximately 79,204 followers.

What is the NAICS classification code for Cisco Service Provider ?

Cisco Service Provider is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.

Does Cisco Service Provider have a Crunchbase profile ?

No, Cisco Service Provider does not have a profile on Crunchbase.

Does Cisco Service Provider have a LinkedIn profile ?

Yes, Cisco Service Provider maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/cisco-service-provider.

How many cybersecurity incidents has Cisco Service Provider experienced ?

As of June 6, 2026, Rankiteo reports that Cisco Service Provider has experienced 56 cybersecurity incidents.

How many peer or competitor companies does Cisco Service Provider have ?

Cisco Service Provider has an estimated 40,584 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

CSP

Boost Score +25 with badge (5 left)

748

/1000

Moderate

773

/1000

Fair

Cisco Service Provider Vendor Cyber Rating & Cyber Score

cs.co

Add Your Compliance Badge

This is the official Cisco LinkedIn page for Service Provider updates, insights, trends, news, and events.

CSP A.I CyberSecurity Scoring

Scoring History

CSP

Cisco Service Provider CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Cisco

Breach

6/2026

CISTHE178059144...

Cisco

Vulnerability

100

6/2026

CIS1780568638

Cisco

Vulnerability

100

5/2026

CIS1779359208

Webex

Cyber Attack

5/2026

Microsoft Secur...

PUTWEBANYMIC177...

Cisco

Breach

5/2026

GitHub

GIT1779251025

Cisco Meraki

Vulnerability

4/2026

Prime Communica...

PRICIS177677511...

Cisco

Vulnerability

4/2026

CIS1776327928

Cisco

Vulnerability

100

4/2026

CIS1775493782

Cisco

Vulnerability

100

4/2026

CIS1775111249

Cisco

Vulnerability

100

4/2026

Aqua Security

AQUUSEAMASALCIS...

Cisco Security

Vulnerability

100

3/2026

CIS1774506416

Cisco

Cyber Attack

100

3/2026

Legit Security

AQU1774441468

Cisco

Vulnerability

3/2026

CIS1773304317

Outshift by Cisco

Cyber Attack

3/2026

NYLJPMOUTOUT177...

Cisco

Cyber Attack

100

3/2026

Tecplix Technol...

BAD1772389516

Cisco

Vulnerability

100

3/2026

CIS1772699055

Cisco

Vulnerability

100

2/2026

CIS1772080050

Cisco

Vulnerability

2/2026

CIS1770280632

Cisco

Vulnerability

100

1/2026

Cisco

CISSAI177385928...

Cisco

Vulnerability

1/2026

CISSYN177430507...

Cisco

Vulnerability

100

1/2026

CIS1769059373

Cisco

Vulnerability

1/2026

CIS1767871927

Cisco

Vulnerability

1/2026

CIS1778171136

Cisco

Vulnerability

100

1/2026

CIS1775125662

Cisco

Vulnerability

100

12/2025

Cisco

CIS1766051696

Cisco

Breach

11/2025

SmarterTools

SHI1766477260

Cisco Service Provi...

Ransomware

100

11/2025

CIS070210711112...

Cisco

Vulnerability

100

11/2025

SolarWinds

SOLSONCIS177645...

Cisco Security

Cyber Attack

11/2025

OpenClaw

TP-HIKFOXGOOREV...

Cisco

Ransomware

100

10/2025

Cisco

KET523245210202...

Cisco

Cyber Attack

100

9/2025

Cisco

CIS580205809272...

Cisco

Cyber Attack

100

9/2025

Cisco

SAL573225709182...

Cisco

Cyber Attack

100

9/2025

Cisco

US-1776976007

Cisco Service Provi...

Vulnerability

100

8/2025

CIS069210609302...

Cisco Service Provi...

Vulnerability

100

7/2025

CIS905072925

Cisco Service Provi...

Cyber Attack

100

6/2025

CIS526205209262...

Cisco Service Provi...

Vulnerability

100

5/2025

CIS751081525

Cisco

Breach

1/2025

CISVMWJUNCAN177...

Cisco

Vulnerability

100

12/2024

Fortinet

FORCISAMAJPM176...

Cisco Service Provi...

Cyber Attack

100

6/2024

CIS203202009282...

Cisco

Ransomware

100

6/2024

Veeam Software

SON049220409292...

Cisco Service Provi...

Vulnerability

100

4/2024

CIS000082424

Cisco

Ransomware

100

1/2024

CIS1774355311

Cisco Service Provi...

Data Leak

11/2023

CIS1221121123

Cisco

Ransomware

100

3/2023

Veeam Software

VEESONCIS177514...

Cisco

Vulnerability

100

1/2023

CIS1772072640

Cisco Service Provi...

Breach

100

9/2022

CIS193291022

Cisco Service Provi...

Ransomware

08/2022

CIS0217922

Cisco Service Provi...

Ransomware

100

5/2022

CIS280222811112...

Cisco Service Provi...

Vulnerability

02/2022

CIS13829322

Cisco

Ransomware

100

7/2021

CIS1774362550

Cisco

Breach

1/2020

TICHARATTPRIMCD...

Cisco

Vulnerability

100

1/2020

BROMIC7-ENGICIS...

Cisco Service Provi...

Breach

9/2018

CIS205918123

Cisco Service Provi...

Vulnerability

100

6/2018

CIS929041225

Cisco Service Provi...

Breach

8/2016

CIS747072825

Loading…

A.I.

CSP Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for CSP

Incidents vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Cisco Service Provider in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Cisco Service Provider in 2026.

Incident Types CSP vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Cisco Service Provider in 2026.

Incident History - CSP (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Cisco Service Provider Subsidiaries

CSP

IT Services and IT Consulting

Website: https://http://cs.co/SP

Company Size: 1

CiscoSoftware Development

Cisco Networking AcademyComputer Networking Products

Cisco Enterprise NetworkingIT Services and IT Consulting

TIBCO Data FabricSoftware Development

TIBCO Data VisualizationSoftware Development

Techno Sapien PodcastEducation

Cisco CommunityIT Services and IT Consulting

Loading…

Cisco Service Provider Similar Companies

Infinite Computer Solutions

infinite.com

Infinite is a global leader in technology modernization, next-gen IT services and solutions, and digital engineering, with over two decades of experience helping clients turn digital transformation into business value. Leveraging an AI-first approach, we combine leading technologies, innovative platforms and accelerators with practical know-how. With the scale of over 23,000 talented professionals across 20+ global locations, we proudly serve hundreds of clients, across all industries including healthcare, financial services, telecom, technology, media, and more. At Infinite, we go beyond technology. We collaborate deeply with our clients to deliver innovative, tailored and client-focused solutions. Infinite is proud to be recognized by ISG, Avasant, Everest Group, HFS, Fosway Group and others for the innovation and leadership we bring to our clients.

HCLTech

hcltech.com

HCLTech is a global technology company, home to more than 227,000 people across 60 countries, delivering industry-leading capabilities centered around AI, digital, engineering, cloud and software, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Semiconductor, Telecom and Media, Retail and CPG, Mobility and Public Services. Consolidated revenues as of 12 months ending March 2026 totaled $14.7 billion. To learn how we can supercharge progress for you, visit hcltech.com

Zensar Technologies

zensar.com

Zensar stands out as a premier technology consulting and services company, embracing an ‘experience-led everything’ philosophy. We are creators, thinkers, and problem solvers passionate about designing digital experiences that are engineered into scale-ready products, services, and solutions to deliver superior engagement to high-growth companies. This full lifecycle capability – from experience to engineering to engagement – is what makes us unique. This integrated approach also means that we harness the power of technology, creativity, and insight to deliver impact — ensuring our work focuses not just on technology but also on the people who use it. Part of the $4.4 billion RPG Group, Zensar is headquartered in Pune, India. Our 10,000+ employees work across 30+ locations worldwide, including Seattle, Princeton, Cape Town, London, Singapore, and Mexico City. As an organization, we are diverse and multi-dimensional and unite across geographies and skill sets to deliver products and services that are value-driven, environmentally conscious, and human-centered. To know more, visit us at www.zensar.com.

Globant

cb globant.link

At Globant, we create the digitally-native products that people love. We bridge the gap between businesses and consumers through technology and creativity, leveraging our experience as an AI powerhouse. We dare to digitally transform organizations and strive to delight their customers. - We have more than 30,000 employees and are present in 33 countries across 5 continents, working for companies like Google, Electronic Arts, and Santander, among others. - We were named a Worldwide Leader in AI Services (2023) and a Worldwide Leader in CX Improvement Services (2020) by IDC MarketScape report. - We are the fastest-growing IT brand and the 5th strongest IT brand globally (2024), according to Brand Finance. - We were featured as a business case study at Harvard, MIT, and Stanford. - We are active members of The Green Software Foundation (GSF) and the Cybersecurity Tech Accord. For more information, visit https://bit.ly/globant_com Follow us: http://www.twitter.com/globant http://www.youtube.com/Globant http://www.facebook.com/Globant https://instagram.com/Globant https://www.tiktok.com/@globant

Dimension Data

cb dimensiondata.com

Dimension Data is a leading African born technology provider operating in the Middle East and Africa, offering a portfolio of services including systems integration, managed services infrastructure, cloud solutions, business applications, customer experience, and intelligent security solutions. We provide innovative solutions that optimise today’s evolving technology environments, enabling clients to leverage data in a digital age. Founded in 1983, and headquartered in Johannesburg, Dimension Data is a proud member of the NTT Group, one of the world’s leading information communication technology (ICT) companies, comprising a group of global technology companies. In 2020, Dimension Data completed its transition to operate as one entity consolidating all its subsidiaries under a single Dimension Data brand employing over 10 000 employees across 15 countries. We continue to invest heavily in innovation bringing together the world’s best technologies, from consulting, technical and support services to a fully managed service. Dimension Data is currently a level 2 BBBEE contributor after successfully concluding a significant BBBEE transaction in 2019. Dimension Data will continue to implement strategies to ensure it contributes meaningfully to transformation towards an inclusive society.

Amazon Web Services (AWS)

amazon.com

Launched in 2006, Amazon Web Services (AWS) began exposing key infrastructure services to businesses in the form of web services -- now widely known as cloud computing. The ultimate benefit of cloud computing, and AWS, is the ability to leverage a new business model and turn capital infrastructure expenses into variable costs. Businesses no longer need to plan and procure servers and other IT resources weeks or months in advance. Using AWS, businesses can take advantage of Amazon's expertise and economies of scale to access resources when their business needs them, delivering results faster and at a lower cost. Today, Amazon Web Services provides a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers hundreds of thousands of businesses in 190 countries around the world. With data center locations in the U.S., Europe, Singapore, and Japan, customers across all industries are taking advantage of our low cost, elastic, open and flexible, secure platform.

SoftServe

softserveinc.com

SoftServe is a premier IT consulting and digital services provider. We expand the horizon of new technologies to solve today's complex business challenges and achieve meaningful outcomes for our clients. Our boundless curiosity drives us to explore and reimagine the art of the possible. Clients confidently rely on SoftServe to architect and execute mature and innovative capabilities, such as digital engineering, data and analytics, cloud, and AI/ML. Our global reputation is gained from more than 30 years of experience delivering superior digital solutions at exceptional speed by top-tier engineering talent to enterprise industries, including high tech, financial services, healthcare, life sciences, retail, energy, and manufacturing. At SoftServe, we live by our values. Trust, teamwork, growth, innovation, willingness to help, and exceeding expectations are engrained in everything we do. We partner with major technology players, such as Google Cloud Platform, Amazon Web Services, Microsoft Azure, Salesforce, NVIDIA, MuleSoft, VMware, and Odoo, to give clients a competitive advantage in the market. Founded in 1993, our global firm is headquartered in Austin, Texas, USA, and Lviv, Ukraine. Visit our website, blog, media, and news pages for more information. Blog: softserveinc.com/blog Media: softserveinc.com/media News: softserveinc.com/news

NTT DATA North America

nttdata.com

NTT DATA, Inc. is a trusted global innovator of business and technology services. We're committed to helping clients innovate, optimize and transform for long-term success. Our R&D investments help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity.

Diebold Nixdorf

cb DieboldNixdorf.com

Diebold Nixdorf automates, digitizes and transforms the way people bank and shop. Its integrated solutions connect digital and physical channels conveniently, securely and efficiently for millions of consumers every day. As an innovation partner for nearly all of the world's top 100 financial institutions and a majority of the top 25 global retailers, Diebold Nixdorf delivers unparalleled services and technology that power the daily operations and consumer experience of financial institutions and retailers around the world.

Loading…

NEWS

Cisco Service Provider CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

January 20, 2026 08:00 AM

15 Best Cybersecurity Certifications In 2026

Explore the 15 best cybersecurity certifications, including the requirements needed to earn them and the benefits each credential can have...

Read Article

January 14, 2026 08:00 AM

10 Best Network Security Providers for Ecommerce - 2026

Network Security Providers for Ecommerce: 1. Perimeter81 2. Fortinet 3. Palo Alto Networks 4. Cisco 5. Sophos 6. Trend Micro 7. Trend Micro.

Read Article

January 09, 2026 08:00 AM

Navigating E-rate for FY2026: Key Deadlines and New Opportunities

The FCC has opened the E-Rate FY2026 application window, unveiled initial cybersecurity pilot funding, and finalized key updates to eligible...

Read Article

January 09, 2026 08:00 AM

10 Best Network Security Providers for Government Sectors - 2026

Network security providers for the government: 1. Perimeter81 2. Cisco 3. Palo Alto Networks 4. Fortinet 5. Symantec 6. Trend Micro.

Read Article

January 05, 2026 08:00 AM

25 Best Managed Security Service Providers (MSSP) In 2026

Managed Security Service Providers (MSSPs) specialize in outsourced cyber defense, shielding firms from relentless threats.

Read Article

January 05, 2026 08:00 AM

50 World's Best Cyber Security Companies - 2026

Best Cyber Security Companies : 1. Checkpoint 2. Akamai 3. Palo Alto Networks 4. Kaspersky 5. Trellix 6. Perimeter 81 7. CrowdStrike.

Read Article

January 02, 2026 08:00 AM

Top 10 Best MSSP (Managed Security Service Provider) Companies in 2026

Best MSSP Companies : 1. Cisco 2. Trustwave 3. IBM Security 4. Accenture Security 5. McAfee 6. Verizon 7. Check Point 8. AT&T Cybersecurity.

Read Article

November 13, 2025 08:00 AM

ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories

Global cyber roundup: new AI bug bounties, malware threats, GDPR backlash, Cisco zero-days, data leaks, and rising attacks on key...

Read Article

October 21, 2025 07:00 AM

Cisco’s Splunk Cloud awarded DESC cybersecurity certification in Dubai

It is built on internationally recognized frameworks, ensuring that certified providers meet the highest benchmarks for information security...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-7654

SUMMARY

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes` restriction in the `IdsToCollection::get_ids_from_string()` function, which processes attacker-controlled post meta values without proper validation. This makes it possible for authenticated attackers with Contributor-level access and above to inject a serialized PHP object into a post's custom meta field and trigger arbitrary code execution by exploiting a bundled POP gadget chain, resulting in remote code execution as the web server user.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-7523

SUMMARY

The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to access arbitrary private alba_card post data, including title, description, assignee, due date, tags, and comments, that is intended to be restricted to Administrators and Editors. The handler is registered via the wp_ajax_nopriv_ hook and its nonce is exposed to all site visitors through wp_localize_script on pages containing the [alba_board] shortcode, making this exploitable by unauthenticated users who can access any such page.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 4.3)

cvss3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.8

REFERENCES

CVE-2026-45409

SUMMARY

Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process. This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service. Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support). A workaround is available. Domain names cannot exceed 253 characters in length. If this length limit is enforced prior to passing the domain to the `idna.encode()` function, it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx

CVE-2026-11431

SUMMARY

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypasses validation, allowing arbitrary files (including entire directories returned as archives) to be read from the server filesystem. Because the readable files include service configuration and credential material, exploitation can be used to gather information enabling further compromise. The issue can be combined with CVE-2026-11424 to reach the cloud-side endpoint. On multi-tenant Altium 365 deployments, the readable configuration could have exposed credentials shared across services. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 8.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

CVE-2026-11429

SUMMARY

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 9.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…