Harsco Rail
Company Details
Linkedin ID:
harsco-rail
Website:
Employees number:
890
Number of followers:
59,015
NAICS:
3365
Industry Type:
Homepage:
harscorail.com
IP Addresses:
0
Company ID:
HAR_1083058
Scan Status:
In-progress
Harsco Rail Company CyberSecurity Posture
harscorail.com
Harsco Rail, a division of Enviri Corporation, is a global supplier for railway track maintenance and construction. With a broad range of high quality equipment, cutting-edge technology, and worldwide support, Harsco Rail takes care of customers’ needs for virtually all major aspects of track maintenance and construction. Delivering innovation and performance, Harsco Rail meets the demands of the track every day. At Harsco Rail, we have spent over 100 years morphing ideas into innovation. Through our four business lines – Equipment, Aftermarket, Contracted Services, and Technology – Harsco Rail is a valued partner throughout the lifecycle of track. From construction, to maintenance, to renewal, we offer the same innovative solutions and world-class service that our customers have relied upon for nearly a century. With over 1,000 employees in over 50 countries, our team of motivated employees are crucial for our company’s success. Harsco Rail understands the importance of attracting qualified employees and providing them with the necessary tools for a long-term career. For more information about our job openings go to: https://www.harscorail.com/careers.html
Harsco Rail A.I CyberSecurity Scoring
Harsco Rail Risk Score (AI oriented)Between 750 and 799
Harsco Rail
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Harsco Rail Global Score (TPRM)XXXX
Harsco Rail
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Harsco Rail Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
Harsco Rail Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Harsco Rail
Incidents vs Railroad Equipment Manufacturing Industry Average (This Year)
No incidents recorded for Harsco Rail in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Harsco Rail in 2025.
Incident Types Harsco Rail vs Railroad Equipment Manufacturing Industry Avg (This Year)
No incidents recorded for Harsco Rail in 2025.
Incident History — Harsco Rail (X = Date, Y = Severity)
Harsco Rail cyber incidents detection timeline including parent company and subsidiaries
Harsco Rail Company Subsidiaries
Harsco Rail, a division of Enviri Corporation, is a global supplier for railway track maintenance and construction. With a broad range of high quality equipment, cutting-edge technology, and worldwide support, Harsco Rail takes care of customers’ needs for virtually all major aspects of track maintenance and construction. Delivering innovation and performance, Harsco Rail meets the demands of the track every day. At Harsco Rail, we have spent over 100 years morphing ideas into innovation. Through our four business lines – Equipment, Aftermarket, Contracted Services, and Technology – Harsco Rail is a valued partner throughout the lifecycle of track. From construction, to maintenance, to renewal, we offer the same innovative solutions and world-class service that our customers have relied upon for nearly a century. With over 1,000 employees in over 50 countries, our team of motivated employees are crucial for our company’s success. Harsco Rail understands the importance of attracting qualified employees and providing them with the necessary tools for a long-term career. For more information about our job openings go to: https://www.harscorail.com/careers.html
Loading...
Harsco Rail Similar Companies
Bureau Veritas Group
Bureau Veritas is a world leader in Testing, Inspection and Certification. Our mission is at the heart of key challenges: quality, health and safety, environmental protection and social responsibility. Through our wide range of expertise, impartiality and independence, we foster confidence between c
Republic Services
Republic Services provides the most complete set of recycling, waste and environmental solutions from a single-source provider. We partner with customers to help them achieve their sustainability goals, driving both environmental and economic sustainability. We offer advanced recycling; solid waste,
Eiffage Énergie Systèmes
Rejoindre Eiffage, c’est rejoindre une entreprise animée d’un esprit de famille unique. Nous recherchons des talents qui valorisent l’esprit d’équipe et l’entraide. Des talents qui souhaitent découvrir, progresser, innover dans un collectif engagé pour construire un avenir à taille humaine. Nous av
Clean Harbors
Clean Harbors is North America’s leading provider of environmental and industrial services. The Company serves a diverse customer base, including a majority of Fortune 500 companies. Its customer base spans a number of industries, including chemical, and manufacturing, as well as numerous government
Dalkia
Dalkia : ensemble, relevons le défi climatique ! Depuis 85 ans, Dalkia, filiale du groupe EDF et leader dans les services énergétiques, investit et développe les énergies renouvelables et de récupération et accompagne ses clients dans la durée pour les aider à faire des économies d'énergie et à rédu
RSK Group
RSK Group is a global leader in the delivery of environmental and engineering solutions. We recognise the urgent need for sustainable change and know that this will be achieved by delivering meaningful action, not just words. We are committed to supporting our clients and societies as they navigate
.png)
Harsco Rail CyberSecurity News
April 09, 2022 03:18 AM
Harsco Rail Selected to Provide Mark VI Tamping Machine
The Port Authority of Allegheny County in Pittsburgh, Pennsylvania, US, has selected Harsco Rail to provide one tamping machine.
April 07, 2022 03:42 PM
Harsco Rail a Division of Harsco Corporation
Harsco Rail, a division of Harsco Corporation, is a major international supplier of track construction and railway maintenance equipment to the world's...
March 25, 2021 07:00 AM
Thales launches eighth generation CBTC train control system
Thales presented various new digital applications during a press conference last week. One is a new version of the supplier's Communications Based Train...
July 27, 2020 07:00 AM
Harsco Rail signs its first ever rail grinder contract with Hungarian Railways
Harsco Corporation has announced that its Rail division has signed a $10.3 million contract with MÁV FKG Kft-t to provide it with an EU 20-stone rail grinder.
September 18, 2019 07:00 AM
DB Netz orders for catenary maintenance vehicles from Harsco Rail
Harsco Rail has signed a seven-year framework agreement for the supply of up to 56 catenary maintenance vehicles worth €250m ($276m) to DB...
September 17, 2019 07:00 AM
DB Netz awards major rail maintenance equipment order to Harsco Rail
Harsco Rail has secured its first-ever order with Europe's largest railway infrastructure manager, DB Netz AG, for delivery of infrastructure maintenance...
June 17, 2019 07:00 AM
Modern technology that fits your budget
Jim Resio, Vice President of Protran Technology, explores what rail maintenance solutions are available to increase tamper productivity.
November 15, 2017 08:00 AM
Harsco Rail advances technology in track maintenance and repair
Chris Larsen, Harsco Rail Product Manager, shares their progress in track maintenance automation, including their machine vision system and...
November 24, 2014 08:00 AM
Washington Metrorail
Washington Metrorail is a rapid transit system that connects Washington to various neighbouring regions. With five existing lines and one more line in planning.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Harsco Rail CyberSecurity History Information
Official Website of Harsco Rail
The official website of Harsco Rail is https://www.harscorail.com/.
Harsco Rail’s AI-Generated Cybersecurity Score
According to Rankiteo, Harsco Rail’s AI-generated cybersecurity score is 752, reflecting their Fair security posture.
How many security badges does Harsco Rail’ have ?
According to Rankiteo, Harsco Rail currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Harsco Rail have SOC 2 Type 1 certification ?
According to Rankiteo, Harsco Rail is not certified under SOC 2 Type 1.
Does Harsco Rail have SOC 2 Type 2 certification ?
According to Rankiteo, Harsco Rail does not hold a SOC 2 Type 2 certification.
Does Harsco Rail comply with GDPR ?
According to Rankiteo, Harsco Rail is not listed as GDPR compliant.
Does Harsco Rail have PCI DSS certification ?
According to Rankiteo, Harsco Rail does not currently maintain PCI DSS compliance.
Does Harsco Rail comply with HIPAA ?
According to Rankiteo, Harsco Rail is not compliant with HIPAA regulations.
Does Harsco Rail have ISO 27001 certification ?
According to Rankiteo,Harsco Rail is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Harsco Rail
Harsco Rail operates primarily in the Railroad Equipment Manufacturing industry.
Number of Employees at Harsco Rail
Harsco Rail employs approximately 890 people worldwide.
Subsidiaries Owned by Harsco Rail
Harsco Rail presently has no subsidiaries across any sectors.
Harsco Rail’s LinkedIn Followers
Harsco Rail’s official LinkedIn profile has approximately 59,015 followers.
NAICS Classification of Harsco Rail
Harsco Rail is classified under the NAICS code 3365, which corresponds to Railroad Rolling Stock Manufacturing.
Harsco Rail’s Presence on Crunchbase
No, Harsco Rail does not have a profile on Crunchbase.
Harsco Rail’s Presence on LinkedIn
Yes, Harsco Rail maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/harsco-rail.
Cybersecurity Incidents Involving Harsco Rail
As of November 27, 2025, Rankiteo reports that Harsco Rail has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Harsco Rail has an estimated 275 peer or competitor companies worldwide.
Harsco Rail CyberSecurity History Information
How many cyber incidents has Harsco Rail faced ?
Total Incidents: According to Rankiteo, Harsco Rail has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Harsco Rail ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=harsco-rail' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
