Comparison Overview

Embraer

VS

Spirit AeroSystems

Embraer

Av. Brigadeiro Faria Lima, 2170, São José dos Campos, SP, BR, 12227-901
Last Update: 2025-12-09
View Profile
Between 750 and 799
https://embraer.com/global/en

A global aerospace company headquartered in Brazil, Embraer has businesses in Commercial and Executive Aviation, Defense & Security, and Agricultural Aviation. The company designs, develops, manufactures and markets aircraft and systems, providing Services and Support to customer after-sales. Since it was founded in 1969, Embraer has delivered more than 8,000 aircraft. On average, about every 10 seconds an aircraft manufactured by Embraer takes off somewhere in the world, transporting over 145 million passengers a year.

NAICS: 3364
NAICS Definition: Aerospace Product and Parts Manufacturing
Employees: 23,638
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1
View Profile

Spirit AeroSystems

Spirit AeroSystems, 3801 S Oliver St, Wichita, KS, 67210, US
Last Update: 2025-12-09
Between 750 and 799
http://www.spiritaero.com

Spirit AeroSystems defines and energizes modern aerospace manufacturing by delivering uncompromising quality, breakthrough innovations and high-skilled production expertise to commercial, defense and business aerospace programs. Spirit AeroSystems is the world’s largest tier-one manufacturer and supplier of aerostructures, a $7 billion global company with more than 14,800 employees worldwide. The company’s headquarters are located in Wichita, Kan. Other locations include Tulsa and McAlester, Okla.; Kinston, N.C.; Biddeford, ME; San Antonio, TX; Prestwick, Scotland; Belfast, Northern Ireland; Subang, Malaysia; Casablanca, Morocco and Saint-Nazaire, France.

NAICS: 3364
NAICS Definition: Aerospace Product and Parts Manufacturing
Employees: 12,252
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/embraer.jpeg
Embraer
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/spiritaero.jpeg
Spirit AeroSystems
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Embraer
100%
Compliance Rate
0/4 Standards Verified
Spirit AeroSystems
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Aviation and Aerospace Component Manufacturing Industry Average (This Year)

No incidents recorded for Embraer in 2025.

Incidents vs Aviation and Aerospace Component Manufacturing Industry Average (This Year)

No incidents recorded for Spirit AeroSystems in 2025.

Incident History — Embraer (X = Date, Y = Severity)

Embraer cyber incidents detection timeline including parent company and subsidiaries

Incident History — Spirit AeroSystems (X = Date, Y = Severity)

Spirit AeroSystems cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/embraer.jpeg
Embraer
Incidents

Date Detected: 12/2020
Type:Cyber Attack
Blog: Blog
https://images.rankiteo.com/companyimages/spiritaero.jpeg
Spirit AeroSystems
Incidents

No Incident

FAQ

Embraer company demonstrates a stronger AI Cybersecurity Score compared to Spirit AeroSystems company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Embraer company has historically faced a number of disclosed cyber incidents, whereas Spirit AeroSystems company has not reported any.

In the current year, Spirit AeroSystems company and Embraer company have not reported any cyber incidents.

Neither Spirit AeroSystems company nor Embraer company has reported experiencing a ransomware attack publicly.

Neither Spirit AeroSystems company nor Embraer company has reported experiencing a data breach publicly.

Embraer company has reported targeted cyberattacks, while Spirit AeroSystems company has not reported such incidents publicly.

Neither Embraer company nor Spirit AeroSystems company has reported experiencing or disclosing vulnerabilities publicly.

Neither Embraer nor Spirit AeroSystems holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Embraer company nor Spirit AeroSystems company has publicly disclosed detailed information about the number of their subsidiaries.

Embraer company employs more people globally than Spirit AeroSystems company, reflecting its scale as a Aviation and Aerospace Component Manufacturing.

Neither Embraer nor Spirit AeroSystems holds SOC 2 Type 1 certification.

Neither Embraer nor Spirit AeroSystems holds SOC 2 Type 2 certification.

Neither Embraer nor Spirit AeroSystems holds ISO 27001 certification.

Neither Embraer nor Spirit AeroSystems holds PCI DSS certification.

Neither Embraer nor Spirit AeroSystems holds HIPAA certification.

Neither Embraer nor Spirit AeroSystems holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References