Comparison Overview

Korean Air

VS

Qatar Airways

Korean Air

260, Haneul-gil, Gangseo-gu, Seoul, 07505, KR
Last Update: 2025-12-29
View Profile
Between 750 and 799
http://koreanair.com

Serving the world for more than 50 years, Korean Air is one of the world's top 20 airlines, carrying more than 27 million passengers in 2019, pre-COVID. With its global hub at Incheon International Airport (ICN), the airline serves 120 cities in 43 countries on five continents with a modern fleet of 155 aircraft and over 20,000 professional employees. Korean Air's outstanding performance and commitment to the highest level of safety and customer service was further highlighted during the pandemic; the airline was granted numerous awards including 2021 Airline of the Year and 2022 Cargo Operator of the Year by Air Transport World, and a 5-star COVID safety rating from Skytrax. Korean Air is a founding member of the SkyTeam airline alliance, and has grown into one of the largest transpacific airlines through its joint venture with Delta Air Lines. Dedicated to providing Excellence in Flight, Korean Air’s vision is to be a respected leader in the world airline community. For more information about Korean Air, please visit www.koreanair.com, Korean Air Newsroom, facebook.com/KoreanAir, instagram.com/KoreanAirworld and Twitter@KoreanAir_KE.

NAICS: 481
NAICS Definition: Air Transportation
Employees: 3,404
Subsidiaries: 1
12-month incidents
1
Known data breaches
1
Attack type number
2
View Profile

Qatar Airways

Old Airport Rd., Doha, 22550, QA
Last Update: 2025-12-25
Between 800 and 849
https://www.qatarairways.com/

Qatar Airways is the national airline of the State of Qatar. Based in Doha, the Airline’s trendsetting on-board product focuses on: comfort, fine cuisine, the latest in-flight audio & video entertainment, award-winning service and one of the youngest and most advanced aircraft fleet in the sky. Awards by industry audit Skytrax: - Airline of the Year (2011, 2012, 2015, 2017, 2019, 2021, 2022, 2024, 2025) - World's Best Business Class (2010, 2013, 2014, 2016, 2017, 2018, 2019, 2021, 2022, 2023, 2024, 2025) - World’s Best Business Class Airline Lounge (2013, 2014, 2016, 2017, 2021, 2023, 2024, 2025) - Best Airline in the Middle East (2011, 2012, 2013, 2014, 2015, 2017, 2018, 2019, 2021, 2022, 2023, 2024, 2025) Connecting through its Doha hub, Qatar Airways serves more than 170 key business and leisure destinations worldwide, with a fleet of over 200 aircraft. The airline flies to Australia, Asia, Europe, Middle East, Africa, North America, and South America. Qatar Airways is looking for the very best candidates to help support the Airline's incredible growth. Visit http://bit.ly/QRvacancies to land a great career. Please visit www.qatarairways.com/support if you require a response to a formal complaint.

NAICS: 481
NAICS Definition: Air Transportation
Employees: 53,470
Subsidiaries: 8
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/korean-air.jpeg
Korean Air
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/qatar-airways.jpeg
Qatar Airways
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Korean Air
100%
Compliance Rate
0/4 Standards Verified
Qatar Airways
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Airlines and Aviation Industry Average (This Year)

Korean Air has 31.58% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Airlines and Aviation Industry Average (This Year)

No incidents recorded for Qatar Airways in 2025.

Incident History — Korean Air (X = Date, Y = Severity)

Korean Air cyber incidents detection timeline including parent company and subsidiaries

Incident History — Qatar Airways (X = Date, Y = Severity)

Qatar Airways cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/korean-air.jpeg
Korean Air
Incidents

Date Detected: 12/2025
Type:Cyber Attack
Blog: Blog

Date Detected: 12/2025
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/qatar-airways.jpeg
Qatar Airways
Incidents

No Incident

FAQ

Qatar Airways company demonstrates a stronger AI Cybersecurity Score compared to Korean Air company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Korean Air company has historically faced a number of disclosed cyber incidents, whereas Qatar Airways company has not reported any.

In the current year, Korean Air company has reported more cyber incidents than Qatar Airways company.

Neither Qatar Airways company nor Korean Air company has reported experiencing a ransomware attack publicly.

Korean Air company has disclosed at least one data breach, while the other Qatar Airways company has not reported such incidents publicly.

Korean Air company has reported targeted cyberattacks, while Qatar Airways company has not reported such incidents publicly.

Neither Korean Air company nor Qatar Airways company has reported experiencing or disclosing vulnerabilities publicly.

Neither Korean Air nor Qatar Airways holds any compliance certifications.

Neither company holds any compliance certifications.

Qatar Airways company has more subsidiaries worldwide compared to Korean Air company.

Qatar Airways company employs more people globally than Korean Air company, reflecting its scale as a Airlines and Aviation.

Neither Korean Air nor Qatar Airways holds SOC 2 Type 1 certification.

Neither Korean Air nor Qatar Airways holds SOC 2 Type 2 certification.

Neither Korean Air nor Qatar Airways holds ISO 27001 certification.

Neither Korean Air nor Qatar Airways holds PCI DSS certification.

Neither Korean Air nor Qatar Airways holds HIPAA certification.

Neither Korean Air nor Qatar Airways holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability was found in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/PPTPUserSetting. Performing manipulation of the argument delno results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 8.3
Severity: LOW
AV:N/AC:L/Au:M/C:C/I:C/A:C
cvss3
Base: 7.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/PPTPServer. Such manipulation of the argument ip1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 8.3
Severity: LOW
AV:N/AC:L/Au:M/C:C/I:C/A:C
cvss3
Base: 7.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messages_session.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may be initiated remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function _sg_pipeline_desc_defaults in the library sokol_gfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is identified as 5d11344150973f15e16d3ec4ee7550a73fb995e0. It is advisable to implement a patch to correct this issue.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 4.3
Severity: LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

Published
Date
2025-12-28
Updated
Date
2025-12-28
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References