Comparison Overview

Kintetsu World Express

VS

CMA CGM

Kintetsu World Express

Konan, Minato Ku (shinagawa), 24 Fl, Shinagawa Intercity Tower A, 2-15-1, Tokyo, Minato-ku, JP, 108-6024
Last Update: 2025-12-18
View Profile
Between 600 and 649
http://www.kwe.com

As a leading provider of Air Freight, Ocean Freight, Customs Brokerage, Surface Logistics and Distribution (3PL) services KWE has taken pride in the delivery of your cargo to any market around the world. Today, with terminal and office locations in virtually every major city nationwide, we are ranked among the country's top ten International Freight Forwarders. Our commitment to our customers remains, quite simply, to offer the highest level of products and services available globally. We are committed to providing our customers with logistics solutions that will help them maintain a competitive edge.

NAICS: 47
NAICS Definition: Transportation and Warehousing
Employees: 5,578
Subsidiaries: 0
12-month incidents
1
Known data breaches
0
Attack type number
1
View Profile

CMA CGM

4, Quai d'arenc, Marseille, Provence-Alpes-Côte d'Azur, FR, 13002
Last Update: 2025-12-19
Between 750 and 799
http://www.cma-cgm.com

The CMA CGM Group is a global player in sea, land, air and logistics solutions, true to its corporate Purpose, "We imagine better ways to serve a world in motion". Present in 177 countries, it employs 160,000 people, of which nearly 6,000 in Marseilles where its head office is located. The world's 3rd largest shipping company, CMA CGM serves more than 420 ports across 5 continents with a fleet of over 650 vessels. In 2024, CMA CGM carried over 23 million TEU (twenty-foot equivalent unit) containers. Its subsidiary CEVA Logistics, one of the world's top five players, operates 1,000 warehouses and handled 15 million shipments in 2024. CMA CGM AIR CARGO, the Group's air freight division, will operate a fleet of 6 cargo aircraft by 2025. CMA Media, France's 3rd largest private media group, includes RMC-BFM and several national and regional press titles (La Tribune Dimanche, La Tribune, La Provence and Corse Matin). Committed to energy transition, the CMA CGM Group is aiming for Net Zero Carbon by 2050. The CMA CGM Foundation provides humanitarian aid in crisis situations, and is committed to education for all and equal opportunities throughout the world. To date, the CMA CGM Foundation has transported 63,000 tons of humanitarian aid to 97 countries and supported over 550 educational projects.

NAICS: 47
NAICS Definition: Transportation and Warehousing
Employees: 29,493
Subsidiaries: 12
12-month incidents
0
Known data breaches
0
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/kintetsu-world-express.jpeg
Kintetsu World Express
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/cma-cgm.jpeg
CMA CGM
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Kintetsu World Express
100%
Compliance Rate
0/4 Standards Verified
CMA CGM
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)

Kintetsu World Express has 16.67% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)

No incidents recorded for CMA CGM in 2025.

Incident History — Kintetsu World Express (X = Date, Y = Severity)

Kintetsu World Express cyber incidents detection timeline including parent company and subsidiaries

Incident History — CMA CGM (X = Date, Y = Severity)

CMA CGM cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/kintetsu-world-express.jpeg
Kintetsu World Express
Incidents

Date Detected: 4/2025
Type:Ransomware
Blog: Blog

Date Detected: 6/2024
Type:Ransomware
Blog: Blog
https://images.rankiteo.com/companyimages/cma-cgm.jpeg
CMA CGM
Incidents

Date Detected: 9/2021
Type:Ransomware
Attack Vector: ransomware (Ragnar Locker)
Motivation: financial gain, data theft
Blog: Blog

Date Detected: 9/2020
Type:Ransomware
Motivation: financial gain
Blog: Blog

Date Detected: 2/2017
Type:Cyber Attack
Attack Vector: remote hacking, navigation system compromise
Motivation: financial gain (piracy), physical seizure of vessel, ransom
Blog: Blog

FAQ

CMA CGM company demonstrates a stronger AI Cybersecurity Score compared to Kintetsu World Express company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

CMA CGM company has faced a higher number of disclosed cyber incidents historically compared to Kintetsu World Express company.

In the current year, Kintetsu World Express company has reported more cyber incidents than CMA CGM company.

Both CMA CGM company and Kintetsu World Express company have confirmed experiencing at least one ransomware attack.

Neither CMA CGM company nor Kintetsu World Express company has reported experiencing a data breach publicly.

CMA CGM company has reported targeted cyberattacks, while Kintetsu World Express company has not reported such incidents publicly.

Neither Kintetsu World Express company nor CMA CGM company has reported experiencing or disclosing vulnerabilities publicly.

Neither Kintetsu World Express nor CMA CGM holds any compliance certifications.

Neither company holds any compliance certifications.

CMA CGM company has more subsidiaries worldwide compared to Kintetsu World Express company.

CMA CGM company employs more people globally than Kintetsu World Express company, reflecting its scale as a Transportation, Logistics, Supply Chain and Storage.

Neither Kintetsu World Express nor CMA CGM holds SOC 2 Type 1 certification.

Neither Kintetsu World Express nor CMA CGM holds SOC 2 Type 2 certification.

Neither Kintetsu World Express nor CMA CGM holds ISO 27001 certification.

Neither Kintetsu World Express nor CMA CGM holds PCI DSS certification.

Neither Kintetsu World Express nor CMA CGM holds HIPAA certification.

Neither Kintetsu World Express nor CMA CGM holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd.

Published
Date
2025-12-23
Updated
Date
2025-12-23
Risk Information
cvss4
Base: 8.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerability exists in useMarkdown.ts, where the markdown-it-mermaid plugin is initialized with securityLevel: 'loose'. This configuration explicitly permits the rendering of HTML tags within Mermaid diagram nodes. This issue has not been patched at time of publication.

Published
Date
2025-12-23
Updated
Date
2025-12-23
Risk Information
cvss3
Base: 9.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
References
Description

continuwuity is a Matrix homeserver written in Rust. Prior to version 0.5.0, this vulnerability allows a remote, unauthenticated attacker to force the target server to cryptographically sign arbitrary membership events. The flaw exists because the server fails to validate the origin of a signing request, provided the event's state_key is a valid user ID belonging to the target server. This issue has been patched in version 0.5.0. A workaround for this issue involves blocking access to the PUT /_matrix/federation/v2/invite/{roomId}/{eventId} endpoint using the reverse proxy.

Published
Date
2025-12-23
Updated
Date
2025-12-23
Risk Information
cvss4
Base: 9.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

LangChain is a framework for building LLM-powered applications. Prior to @langchain/core versions 0.3.80 and 1.1.8, and prior to langchain versions 0.3.37 and 1.2.3, a serialization injection vulnerability exists in LangChain JS's toJSON() method (and subsequently when string-ifying objects using JSON.stringify(). The method did not escape objects with 'lc' keys when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in @langchain/core versions 0.3.80 and 1.1.8, and langchain versions 0.3.37 and 1.2.3

Published
Date
2025-12-23
Updated
Date
2025-12-23
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References
Description

LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionaries. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in versions 0.3.81 and 1.2.5.

Published
Date
2025-12-23
Updated
Date
2025-12-23
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
References