CNOOC
Last Update: 2025-12-10
Between 800 and 849
None
NAICS: 211
NAICS Definition: Oil and Gas Extraction
Employees: 3,848
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
Comparison Overview
CNOOC
VS
Chevron
Chevron
Last Update: 2025-12-10
Between 800 and 849
Our greatest resource is our people. Their ingenuity, creativity and collaboration have met the complex challenges of energy’s past. Together, we’ll take on the future. We support the LinkedIn Terms of Use (User Agreement), and we expect visitors to our page to do the same. We encourage open, lively conversation with a few simple rules: --We reserve the right to correct factual errors. --We will reply to comments when appropriate. --If we disagree with other opinions, we will do so respectfully. --You may not post anything that is spam or that is abusive, profane, or defamatory toward a person, entity, belief, or symbol. --We will delete any posts that contain personal information such as email addresses, phone numbers and physical addresses, and other third party intellectual property material, when that information does not belong to the author of the post. --You may not post job listings for non-Chevron positions. --While we support lively, open discussion, we reserve the right to delete comments.
NAICS: 211
NAICS Definition: Oil and Gas Extraction
Employees: 49,879
Subsidiaries: 10
12-month incidents
0
Known data breaches
0
Attack type number
0
Compliance Badges Comparison
Security & Compliance Standards Overview
CNOOC
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Chevron
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
CNOOC
100%
Compliance Rate
0/4 Standards Verified
Chevron
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Oil and Gas Industry Average (This Year)
No incidents recorded for CNOOC in 2025.
Incidents vs Oil and Gas Industry Average (This Year)
No incidents recorded for Chevron in 2025.
Incident History — CNOOC (X = Date, Y = Severity)
CNOOC cyber incidents detection timeline including parent company and subsidiaries
Incident History — Chevron (X = Date, Y = Severity)
Chevron cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
CNOOC
Incidents
No Incident
Chevron
Incidents
No Incident
FAQ
Chevron company demonstrates a stronger AI Cybersecurity Score compared to CNOOC company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.
Historically, Chevron company has disclosed a higher number of cyber incidents compared to CNOOC company.
In the current year, Chevron company and CNOOC company have not reported any cyber incidents.
Neither Chevron company nor CNOOC company has reported experiencing a ransomware attack publicly.
Neither Chevron company nor CNOOC company has reported experiencing a data breach publicly.
Neither Chevron company nor CNOOC company has reported experiencing targeted cyberattacks publicly.
Neither CNOOC company nor Chevron company has reported experiencing or disclosing vulnerabilities publicly.
Neither CNOOC nor Chevron holds any compliance certifications.
Neither company holds any compliance certifications.
Chevron company has more subsidiaries worldwide compared to CNOOC company.
Chevron company employs more people globally than CNOOC company, reflecting its scale as a Oil and Gas.
Neither CNOOC nor Chevron holds SOC 2 Type 1 certification.
Neither CNOOC nor Chevron holds SOC 2 Type 2 certification.
Neither CNOOC nor Chevron holds ISO 27001 certification.
Neither CNOOC nor Chevron holds PCI DSS certification.
Neither CNOOC nor Chevron holds HIPAA certification.
Neither CNOOC nor Chevron holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
