Company Details
LinkedIn handle: helse-sor-ost-rhf
Employees: 24,140
LinkedIn followers: 13,857
NAICS code: 62
Website: helse-sorost.no
34
HEL_8705423
Completed

Helse Sør-Øst RHF Company CyberSecurity Posture
helse-sorost.no
South Eastern Norway Regional Health Authority is a merger between the former Eastern and South regional Health Authority. Responsible for secondary healthcare services for the south-eastern parts of Norway: 2.5 million people (approx. 52% of population), cost containment budget 58 billion Nkr. 100% state-owned trust with full legal and financial responsibilities, own board and non-political CEO/management. Integrated payer and provider with a two-fold responsibility: own and operate hospitals as efficiently as possible; provide region with high quality secondary care services (through own hospitals, private hospitals or hospitals in other regions). Ambitious turnaround program with 5 main elements: hospital structure and service reconfiguration; research strategy; IT and support services; best practice management; mobilizing staff and leaders.
Between 650 and 699


Description: The healthcare organisation responsible for overseeing hospitals in the southeast of Norway, called Health South-East RHF, has announced that there was a security breach that exposed private information belonging to over 50% of the population. HelseCERT, the national healthcare security centre, released a statement about the event after discovering unusual behaviour against local computer systems. The security vulnerability, according to HelseCert, was caused by an attack carried out by skilled and knowledgeable hackers. Authorities and experts surmise that the Health South-East RHF data breach may have been the consequence of a foreign state's cyber espionage effort, which aimed to obtain information about politicians, government employees, and members of the armed forces.
Description: A sophisticated cyberattack targeted **Health South-East RHF**, Norway’s regional healthcare authority overseeing hospitals across ten counties, including Oslo and Akershus. The breach compromised the **personal and health records of ~2.9 million Norwegians**—over half the nation’s population—exposing data such as names, birth dates, social security numbers, diagnosis codes, policy numbers, and billing information. The attackers, described as 'advanced and professional' by **HelseCERT** (Norway’s healthcare cybersecurity response team), exploited abnormal system activity, though the exact exfiltration volume and patient safety impacts remain unconfirmed. The stolen data poses **long-term identity theft risks**, as medical records hold higher dark web value than financial data due to their permanence and depth. Fraudsters could file fake insurance claims, tax returns, or commit financial fraud using the exposed details. While no immediate patient harm (e.g., delayed treatments) was reported, the breach undermines trust in Norway’s **critical national infrastructure**, given healthcare’s intersection with state security. Authorities, including **NorCERT**, are investigating the attack’s scale and attribution, with suspicions ranging from cybercriminal syndicates to state-sponsored actors.


Helse Sør-Øst RHF has 33.33% more incidents than the average of same-industry companies with at least one recorded incident.
Helse Sør-Øst RHF has 56.25% more incidents than the average of all companies with at least one recorded incident.
Helse Sør-Øst RHF reported 1 incident this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breach, compared to industry peers with at least 1 incident.
HSR cyber incidents detection timeline including parent company and subsidiaries

Hackers have breached the systems of the Southern and Eastern Norway Regional Health Authority (Helse Sør-Øst RHF), and possibly made off...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Helse Sør-Øst RHF is https://helse-sorost.no.
According to Rankiteo, Helse Sør-Øst RHF’s AI-generated cybersecurity score is 692, reflecting their Weak security posture.
According to Rankiteo, Helse Sør-Øst RHF currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Helse Sør-Øst RHF is not certified under SOC 2 Type 1.
According to Rankiteo, Helse Sør-Øst RHF does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Helse Sør-Øst RHF is not listed as GDPR compliant.
According to Rankiteo, Helse Sør-Øst RHF does not currently maintain PCI DSS compliance.
According to Rankiteo, Helse Sør-Øst RHF is not compliant with HIPAA regulations.
According to Rankiteo, Helse Sør-Øst RHF is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Helse Sør-Øst RHF operates primarily in the Hospitals and Health Care industry.
Helse Sør-Øst RHF employs approximately 24,140 people worldwide.
Helse Sør-Øst RHF presently has no subsidiaries across any sectors.
Helse Sør-Øst RHF’s official LinkedIn profile has approximately 13,857 followers.
Helse Sør-Øst RHF is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
No, Helse Sør-Øst RHF does not have a profile on Crunchbase.
Yes, Helse Sør-Øst RHF maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement and can be accessed here: https://www.linkedin.com/company/helse-sor-ost-rhf.
As of November 27, 2025, Rankiteo reports that Helse Sør-Øst RHF has experienced 2 cybersecurity incidents.
Helse Sør-Øst RHF has an estimated 30,007 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan (activated: yes; investigation ongoing; NorCERT and HelseCERT involved), third-party assistance from NorCERT (Norwegian CERT) and HelseCERT (healthcare CERT), and a communication strategy of public disclosure via Norwegian media (VG); advisories likely issued to affected individuals.
Title: Data Breach at Health South-East RHF
Description: The healthcare organisation responsible for overseeing hospitals in the southeast of Norway, called Health South-East RHF, has announced that there was a security breach that exposed private information belonging to over 50% of the population.
Type: Data Breach
Threat Actor: Skilled and knowledgeable hackers
Motivation: Cyber espionage to obtain information about politicians, government employees, and members of the armed forces.
Title: Massive Data Breach at Health South-East Regional Health Authority (RHF) in Norway
Description: Cybercriminals stole a massive trove of Norway's healthcare data in a recent breach, impacting over half of the nation's population (2.9 million out of 5.2 million). An unknown hacker or group breached the systems of Health South-East RHF, stealing personal info and health records. The attack was detected by HelseCERT, which described the culprits as 'advanced and professional.' The full extent of data exfiltration and consequences for patient safety remain unclear.
Date Publicly Disclosed: 2023-XX-XX (announced on a Monday; exact date not specified)
Type: Data Breach
Threat Actor: Unknown (described as 'advanced and professional'; possibly advanced criminals or state-sponsored actors)
Motivation: Financial gain (identity theft, fraud); Potential chaos (if state-sponsored); Data monetization on dark web
Common Attack Types: The most common type of attack the company has faced is Breach.

Data Compromised: Private information

Data Compromised: Personal information, Health records, Names, Birth dates, Policy numbers, Diagnosis codes, Social security numbers, Billing information
Systems Affected: Health South-East RHF computer systems; Hospitals in southeast Norway (Østfold, Akershus, Oslo, Hedmark, Oppland, Buskerud, Vestfold, Telemark, Aust-Agder, Vest-Agder)
Brand Reputation Impact: High (long-term identity theft risk for 2.9 million individuals)
Identity Theft Risk: Critical (lifelong risk due to sensitive health data exposure)
Payment Information Risk: Moderate (billing information compromised)
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Private information, Personally Identifiable Information (PII), Protected Health Information (PHI), and Financial/Billing Data.

Entity Name: Health South-East RHF
Entity Type: Healthcare Organisation
Industry: Healthcare
Location: Southeast of Norway
Customers Affected: Over 50% of the population

Entity Name: Health South-East Regional Health Authority (RHF)
Entity Type: Healthcare Organization (Regional Health Authority)
Industry: Healthcare
Location: Southeast Norway (Østfold, Akershus, Oslo, Hedmark, Oppland, Buskerud, Vestfold, Telemark, Aust-Agder, Vest-Agder)
Size: Large (manages multiple hospitals; serves ~2.9 million patients)
Customers Affected: 2.9 million (out of Norway's 5.2 million population)

Incident Response Plan Activated: Yes (investigation ongoing; NorCERT and HelseCERT involved)
Third Party Assistance: NorCERT (Norwegian CERT), HelseCERT (Healthcare CERT).
Communication Strategy: Public disclosure via Norwegian media (VG); advisories likely issued to affected individuals
Incident Response Plan: The company's incident response plan is described as Yes (investigation ongoing; NorCERT and HelseCERT involved).
Third-Party Assistance: The company involves third-party assistance in incident response through NorCERT (Norwegian CERT) and HelseCERT (Healthcare CERT).

Type of Data Compromised: Private information

Type of Data Compromised: Personally identifiable information (PII), Protected health information (PHI), Financial/billing data
Number of Records Exposed: 2.9 million (estimated)
Sensitivity of Data: Extremely high (lifelong identity theft risk)
Data Exfiltration: Likely (confirmed breach; extent unclear)
Personally Identifiable Information: Names, Birth dates, Social security numbers, Policy numbers, Diagnosis codes, Addresses, Phone numbers, Employment history

Regulatory Notifications: Likely (mandatory under GDPR and Norwegian healthcare laws)

Recommendations: Affected individuals should monitor financial accounts for unauthorized activity. File taxes early to prevent refund fraud. Remain vigilant against identity theft indefinitely (lifelong risk). Healthcare organizations should prioritize cybersecurity for critical infrastructure.

Source: HelseCERT

Source: VG (Norwegian publication)

Source: NorCERT/HelseCERT statements
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices from the sources above: HelseCERT, VG (Norwegian publication), and NorCERT/HelseCERT statements.

Investigation Status: Ongoing (early phase; 'far too early to say how big the attack is')
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public disclosure via Norwegian media (VG); advisories likely issued to affected individuals.

Customer Advisories: Warning about lifelong identity theft risk. Guidance on monitoring financial/tax activity. Vigilance against fraudulent use of stolen data.
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: warning about lifelong identity theft risk, guidance on monitoring financial/tax activity, and vigilance against fraudulent use of stolen data.

High Value Targets: Politicians, Government Employees, Members of the Armed Forces
Data Sold on Dark Web: Politicians, Government Employees, Members of the Armed Forces

High Value Targets: Health Records, PII
Data Sold on Dark Web: Health Records, PII
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as NorCERT (Norwegian CERT), HelseCERT (Healthcare CERT).
Last Attacking Group: The attacking group in the last incident was: Skilled and knowledgeable hackers; Unknown (described as 'advanced and professional'; possibly advanced criminals or state-sponsored actors).
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-XX-XX (announced on a Monday; exact date not specified).
Most Significant Data Compromised: The most significant data compromised in an incident were Private information, Personal information, Health records, Names, Birth dates, Policy numbers, Diagnosis codes, Social security numbers, and Billing information.
Most Significant System Affected: The most significant systems affected in an incident were Health South-East RHF computer systems and Hospitals in southeast Norway (Østfold, Akershus, Oslo, Hedmark, Oppland, Buskerud, Vestfold, Telemark, Aust-Agder, Vest-Agder).
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was NorCERT (Norwegian CERT) and HelseCERT (Healthcare CERT).
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names, Diagnosis codes, Birth dates, Policy numbers, Health records, Billing information, Private information, Social security numbers and Personal information.
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.9M.
Most Significant Recommendation Implemented: The most significant recommendations implemented to improve cybersecurity were: Remain vigilant against identity theft indefinitely (lifelong risk); Healthcare organizations should prioritize cybersecurity for critical infrastructure; Affected individuals should monitor financial accounts for unauthorized activity; File taxes early to prevent refund fraud.
Most Recent Source: The most recent sources of information about an incident are VG (Norwegian publication), NorCERT/HelseCERT statements and HelseCERT.
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (early phase; 'far too early to say how big the attack is').
Most Recent Customer Advisory: The most recent customer advisory issued was: Warning about lifelong identity theft risk. Guidance on monitoring financial/tax activity. Vigilance against fraudulent use of stolen data.