Comparison Overview

Korean Air

VS

Air France

Korean Air

260, Haneul-gil, Gangseo-gu, Seoul, 07505, KR
Last Update: 2025-12-29
View Profile
Between 750 and 799
http://koreanair.com

Serving the world for more than 50 years, Korean Air is one of the world's top 20 airlines, carrying more than 27 million passengers in 2019, pre-COVID. With its global hub at Incheon International Airport (ICN), the airline serves 120 cities in 43 countries on five continents with a modern fleet of 155 aircraft and over 20,000 professional employees. Korean Air's outstanding performance and commitment to the highest level of safety and customer service was further highlighted during the pandemic; the airline was granted numerous awards including 2021 Airline of the Year and 2022 Cargo Operator of the Year by Air Transport World, and a 5-star COVID safety rating from Skytrax. Korean Air is a founding member of the SkyTeam airline alliance, and has grown into one of the largest transpacific airlines through its joint venture with Delta Air Lines. Dedicated to providing Excellence in Flight, Korean Air’s vision is to be a respected leader in the world airline community. For more information about Korean Air, please visit www.koreanair.com, Korean Air Newsroom, facebook.com/KoreanAir, instagram.com/KoreanAirworld and Twitter@KoreanAir_KE.

NAICS: 481
NAICS Definition: Air Transportation
Employees: 3,404
Subsidiaries: 1
12-month incidents
1
Known data breaches
1
Attack type number
2
View Profile

Air France

45 , rue de Paris, None, Roissy CDG, None, FR, 95747
Last Update: 2025-12-27
Between 750 and 799
http://www.airfrance.com

Depuis 1933, la compagnie Air France porte haut les couleurs de la France à travers le monde entier. Avec une activité, répartie entre le transport aérien de passagers, le fret, la maintenance et l’entretien aéronautique, Air France est un acteur majeur du secteur aérien. Plus de 45 000 collaborateurs se mobilisent au quotidien pour proposer à chaque client, une expérience de voyage unique. Air France, KLM Royal Dutch Airlines et Transavia forment le Groupe Air France-KLM. Le Groupe s’appuie sur la force de ses hubs de Paris-Charles de Gaulle et d’Amsterdam-Schiphol pour offrir un vaste réseau international. Son programme de fidélité Flying Blue rassemble plus de 17 millions d’adhérents. Air France et KLM sont membres de l’alliance SkyTeam qui compte au total, 19 compagnies aériennes. Air France place la santé et la sécurité de ses clients et de ses personnels au cœur de ses préoccupations. Avec Air France Protect, son engagement sanitaire, la compagnie a instauré les mesures sanitaires les plus strictes pour un voyage en toute sécurité. Air France s’est fixé des objectifs ambitieux en matière de développement durable et travaille à réduire et compenser ses émissions de CO2. Dans le cadre du programme Horizon 2030, la compagnie s’est engagée à réduire de 50% ses émissions de CO2 par passager-kilomètre d’ici à 2030 à travers des investissements importants en faveur du renouvellement de sa flotte par des avions de nouvelle génération, l’utilisation de solutions innovantes pour réduire sa consommation de carburant ou encore l’utilisation progressive de carburants alternatifs durables. Plus d'informations sur : corporate.airfrance.com

NAICS: 481
NAICS Definition: Air Transportation
Employees: 29,688
Subsidiaries: 3
12-month incidents
1
Known data breaches
3
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/korean-air.jpeg
Korean Air
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/air-france.jpeg
Air France
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Korean Air
100%
Compliance Rate
0/4 Standards Verified
Air France
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Airlines and Aviation Industry Average (This Year)

Korean Air has 31.58% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Airlines and Aviation Industry Average (This Year)

Air France has 31.58% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — Korean Air (X = Date, Y = Severity)

Korean Air cyber incidents detection timeline including parent company and subsidiaries

Incident History — Air France (X = Date, Y = Severity)

Air France cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/korean-air.jpeg
Korean Air
Incidents

Date Detected: 12/2025
Type:Cyber Attack
Blog: Blog

Date Detected: 12/2025
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/air-france.jpeg
Air France
Incidents

Date Detected: 8/2025
Type:Breach
Attack Vector: AI-Amplified Social Engineering, Third-Party Customer Service Platform Exploitation, Voice Cloning, Deepfake Impersonation
Motivation: Financial Gain, Data Monetization, Identity Theft, Loyalty Program Fraud
Blog: Blog

Date Detected: 8/2025
Type:Breach
Attack Vector: Third-party service provider compromise
Blog: Blog

Date Detected: 6/2025
Type:Breach
Blog: Blog

FAQ

Korean Air company demonstrates a stronger AI Cybersecurity Score compared to Air France company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Air France company has faced a higher number of disclosed cyber incidents historically compared to Korean Air company.

In the current year, Air France company has reported more cyber incidents than Korean Air company.

Neither Air France company nor Korean Air company has reported experiencing a ransomware attack publicly.

Both Air France company and Korean Air company have disclosed experiencing at least one data breach.

Both Air France company and Korean Air company have reported experiencing targeted cyberattacks.

Neither Korean Air company nor Air France company has reported experiencing or disclosing vulnerabilities publicly.

Neither Korean Air nor Air France holds any compliance certifications.

Neither company holds any compliance certifications.

Air France company has more subsidiaries worldwide compared to Korean Air company.

Air France company employs more people globally than Korean Air company, reflecting its scale as a Airlines and Aviation.

Neither Korean Air nor Air France holds SOC 2 Type 1 certification.

Neither Korean Air nor Air France holds SOC 2 Type 2 certification.

Neither Korean Air nor Air France holds ISO 27001 certification.

Neither Korean Air nor Air France holds PCI DSS certification.

Neither Korean Air nor Air France holds HIPAA certification.

Neither Korean Air nor Air France holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability was found in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/PPTPUserSetting. Performing manipulation of the argument delno results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 8.3
Severity: LOW
AV:N/AC:L/Au:M/C:C/I:C/A:C
cvss3
Base: 7.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/PPTPServer. Such manipulation of the argument ip1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 8.3
Severity: LOW
AV:N/AC:L/Au:M/C:C/I:C/A:C
cvss3
Base: 7.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messages_session.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may be initiated remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function _sg_pipeline_desc_defaults in the library sokol_gfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is identified as 5d11344150973f15e16d3ec4ee7550a73fb995e0. It is advisable to implement a patch to correct this issue.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 4.3
Severity: LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References