Leonardo
Company Details
Linkedin ID:
leonardo_company
Website:
Employees number:
34,551
Number of followers:
673,592
NAICS:
336414
Industry Type:
Homepage:
leonardo.com
IP Addresses:
0
Company ID:
LEO_1996124
Scan Status:
In-progress
Leonardo Company CyberSecurity Posture
leonardo.com
Leonardo is a global security company that realises multi-domain technological capabilities in AD&S. With over 53,000 employees worldwide, the company has a significant industrial presence in Italy, the UK, Poland, and the US. It also has a commercial presence in 150 countries through subsidiaries, joint ventures and investments. A key player in major international strategic programmes, it is a technological and industrial partner of governments, defence administrations, institutions and companies. In 2023, Leonardo recorded consolidated revenues of €15.3 bn and new orders for €17.9 bn. Innovation, continuous research, digitalisation and sustainability are the pillars of its business worldwide. Stefano Pontecorvo has been the Chairman since 9 May 2023 and Roberto Cingolani has been the CEO and General Manager since 9 May 2023. Follow Leonardo on social media: ➡️https://x.com/Leonardo_live ➡️https://www.instagram.com/leonardo_company/ ➡️https://www.youtube.com/leonardocompany
Leonardo A.I CyberSecurity Scoring
Leonardo Risk Score (AI oriented)Between 750 and 799
Leonardo
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Leonardo Global Score (TPRM)XXXX
Leonardo
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Leonardo Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Leonardo
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Leonardo, taking part in various European Defense Fund-backed projects, could face significant repercussions in the event of a cyber attack. One such instance could include a breach leading to the leak of sensitive technological data and intellectual property. Given the company's involvement in defense technologies, such a breach could affect internal employee data and potentially compromise national and EU military capabilities. This could have far-reaching impacts on the organization's reputation, financial standing, and the security of the region, threatening the military and economic stability.
Leonardo Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Leonardo
Incidents vs Defense and Space Manufacturing Industry Average (This Year)
No incidents recorded for Leonardo in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Leonardo in 2025.
Incident Types Leonardo vs Defense and Space Manufacturing Industry Avg (This Year)
No incidents recorded for Leonardo in 2025.
Incident History — Leonardo (X = Date, Y = Severity)
Leonardo cyber incidents detection timeline including parent company and subsidiaries
Leonardo Company Subsidiaries
Leonardo is a global security company that realises multi-domain technological capabilities in AD&S. With over 53,000 employees worldwide, the company has a significant industrial presence in Italy, the UK, Poland, and the US. It also has a commercial presence in 150 countries through subsidiaries, joint ventures and investments. A key player in major international strategic programmes, it is a technological and industrial partner of governments, defence administrations, institutions and companies. In 2023, Leonardo recorded consolidated revenues of €15.3 bn and new orders for €17.9 bn. Innovation, continuous research, digitalisation and sustainability are the pillars of its business worldwide. Stefano Pontecorvo has been the Chairman since 9 May 2023 and Roberto Cingolani has been the CEO and General Manager since 9 May 2023. Follow Leonardo on social media: ➡️https://x.com/Leonardo_live ➡️https://www.instagram.com/leonardo_company/ ➡️https://www.youtube.com/leonardocompany
Loading...
Leonardo Similar Companies
SAIC® is a premier Fortune 500 mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT
Sandia National Laboratories is the nation’s premier DOE science and engineering lab for national security and technology innovation. Our team of scientists, engineers, researchers, and business specialists apply their knowledge and skill toward delivering cutting-edge technology in an array of area
Leidos
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health. The company's global workforce of 48,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virg
Aselsan
ASELSAN is a company of Turkish Armed Forces Foundation, established in 1975 in order to meet the communication needs of the Turkish Armed Forces by national means. Currently 74,20% of the shares are owned by the Foundation whereas the remaining 25,8% runs in İstanbul Borsa stock market. ASELSAN is
General Atomics
The freedom to explore. The promise to deliver. General Atomics, based in San Diego, CA, develops advanced technology solutions for government and commercial applications. Privately owned and vertically integrated, we have the freedom to invest in the most innovative technologies, and the resource
As a leading defence and security company, we offer solutions that range from the depths of the oceans to high in the sky, on land and in cyberspace, to keep people and society safe. Empowered by our 22,000 talented people, we constantly push the boundaries of technology to create a safer, more sus
Republic of Korea Air Force
The Republic of Korea Air Force (ROKAF; Korean: 대한민국 공군; Hanja: 大韓民國 空軍; Revised Romanization: Daehanminguk Gong-gun), also known as the ROK Air Force, is the aerial warfare service branch of South Korea, operating under the South Korean Ministry of National Defense. The ROKAF has about 450 combat
General Dynamics
From Gulfstream business jets and combat vehicles to nuclear-powered submarines and communications systems, people around the world depend on our products and services for their safety and security. General Dynamics is headquartered in Reston, Virginia, and employs over 100,000 people in 43 countri
At BAE Systems, we help our customers to stay a step ahead when protecting people and national security, critical infrastructure and vital information. We provide some of the world’s most advanced, technology-led defence, aerospace and security solutions and employ a skilled workforce of 107,000 peo
.png)
Leonardo CyberSecurity News
December 08, 2025 03:25 AM
Italian defence, aerospace company, Leonardo opens regional cyber center in Malaysia
Leonardo officially opened its new Regional Cyber Center in Shah Alam on Dec 3 with its senior leadership touting the centre as proof of...
December 06, 2025 09:14 PM
Leonardo opens new cyber centre in Malaysia
Leonardo has opened a new Regional Cyber Centre in Malaysia that strengthens Leonardo's technologies for global security.
December 04, 2025 11:43 AM
Leonardo Inaugurates Regional Cyber-Centre in Malaysia
Leonardo has opened a new regional cyber centre in Kuala Lumpur, Malaysia, as part of its Global CyberSec Centre (GCC) network.
December 03, 2025 08:05 AM
Leonardo Opens Regional Cyber Centre In KL, Strengthening Malaysia’s Role As Regional Security Hub
Malaysia was selected for its strong cybersecurity frameworks and protections for critical national infrastructure.
December 03, 2025 07:57 AM
Leonardo inaugurated its Regional Cyber Center in Malaysia
Leonardo today inaugurated its new Regional Cyber Center, which aims to strengthen its position as a technological leader in global...
December 03, 2025 07:41 AM
Leonardo Inaugurates the Regional Cyber Center in Malaysia,
The opening of the Regional Cyber Center not only strengthens Leonardo's positioning as a leader in global security, but also consolidates...
October 31, 2025 07:00 AM
#WeAreLeonardo, in the world of cybersecurity with Enrico
Enrico Giacobbe recounts the path that led him to Leonardo, where he now leads a team of about 100 people at the Genoa Fiumara headquarters.
October 27, 2025 07:00 AM
Aviation Cyber Security Market Trends and Growth Forecast (2025-2032) Featuring Profiles of Key Players - Honeywell International, Collins Aerospace, Thales, Leonardo, Safran and More
The market is expanding due to increasing digital integration and global regulation. Opportunities lie in developing integrated,...
October 15, 2025 07:00 AM
UK Home Office Selects Leonardo MC_linX Dispatcher for Their Blue Light Services
The MC_linX Dispatcher will support users to transition from the Airwave Network to the Emergency Services Network, by providing a...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Leonardo CyberSecurity History Information
Official Website of Leonardo
The official website of Leonardo is http://www.leonardo.com.
Leonardo’s AI-Generated Cybersecurity Score
According to Rankiteo, Leonardo’s AI-generated cybersecurity score is 772, reflecting their Fair security posture.
How many security badges does Leonardo’ have ?
According to Rankiteo, Leonardo currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Leonardo have SOC 2 Type 1 certification ?
According to Rankiteo, Leonardo is not certified under SOC 2 Type 1.
Does Leonardo have SOC 2 Type 2 certification ?
According to Rankiteo, Leonardo does not hold a SOC 2 Type 2 certification.
Does Leonardo comply with GDPR ?
According to Rankiteo, Leonardo is not listed as GDPR compliant.
Does Leonardo have PCI DSS certification ?
According to Rankiteo, Leonardo does not currently maintain PCI DSS compliance.
Does Leonardo comply with HIPAA ?
According to Rankiteo, Leonardo is not compliant with HIPAA regulations.
Does Leonardo have ISO 27001 certification ?
According to Rankiteo,Leonardo is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Leonardo
Leonardo operates primarily in the Defense and Space Manufacturing industry.
Number of Employees at Leonardo
Leonardo employs approximately 34,551 people worldwide.
Subsidiaries Owned by Leonardo
Leonardo presently has no subsidiaries across any sectors.
Leonardo’s LinkedIn Followers
Leonardo’s official LinkedIn profile has approximately 673,592 followers.
NAICS Classification of Leonardo
Leonardo is classified under the NAICS code 336414, which corresponds to Guided Missile and Space Vehicle Manufacturing.
Leonardo’s Presence on Crunchbase
No, Leonardo does not have a profile on Crunchbase.
Leonardo’s Presence on LinkedIn
Yes, Leonardo maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/leonardo_company.
Cybersecurity Incidents Involving Leonardo
As of December 20, 2025, Rankiteo reports that Leonardo has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Leonardo has an estimated 2,373 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Leonardo ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Leonardo Cyber Breach: Defense Technology Data Leak
Description: Leonardo, involved in European Defense Fund-backed projects, experienced a cyber breach leading to the leak of sensitive technological data and intellectual property. The breach affected internal employee data and potentially compromised national and EU military capabilities, impacting the organization's reputation, financial standing, and regional security.
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach LEO000072824
Data Compromised: Sensitive technological data, Intellectual property, Internal employee data
Brand Reputation Impact: Significant
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Sensitive Technological Data, Intellectual Property, Internal Employee Data and .
Which entities were affected by each incident ?
Incident : Data Breach LEO000072824
Entity Name: Leonardo
Entity Type: Company
Industry: Defense Technology
Location: Europe
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach LEO000072824
Type of Data Compromised: Sensitive technological data, Intellectual property, Internal employee data
Sensitivity of Data: High
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Sensitive technological data, Intellectual property, Internal employee data and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Internal employee data, Intellectual property and Sensitive technological data.
.png)
Latest Global CVEs (Not Company-Specific)
Description
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
- https://github.com/n8n-io/n8n/commit/08f332015153decdda3c37ad4fcb9f7ba13a7c79
- https://github.com/n8n-io/n8n/commit/1c933358acef527ff61466e53268b41a04be1000
- https://github.com/n8n-io/n8n/commit/39a2d1d60edde89674ca96dcbb3eb076ffff6316
- https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp
Description
FastAPI Users allows users to quickly add a registration and authentication system to their FastAPI project. Prior to version 15.0.2, the OAuth login state tokens are completely stateless and carry no per-request entropy or any data that could link them to the session that initiated the OAuth flow. `generate_state_token()` is always called with an empty `state_data` dict, so the resulting JWT only contains the fixed audience claim plus an expiration timestamp. On callback, the library merely checks that the JWT verifies under `state_secret` and is unexpired; there is no attempt to match the state value to the browser that initiated the OAuth request, no correlation cookie, and no server-side cache. Any attacker can hit `/authorize`, capture the server-generated state, finish the upstream OAuth flow with their own provider account, and then trick a victim into loading `.../callback?code=<attacker_code>&state=<attacker_state>`. Because the state JWT is valid for any client for \~1 hour, the victim’s browser will complete the flow. This leads to login CSRF. Depending on the app’s logic, the login CSRF can lead to an account takeover of the victim account or to the victim user getting logged in to the attacker's account. Version 15.0.2 contains a patch for the issue.
Risk Information
cvss3
Base: 5.9
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
References
- https://github.com/fastapi-users/fastapi-users/blob/bcee8c9b884de31decb5d799aead3974a0b5b158/fastapi_users/router/oauth.py#L111
- https://github.com/fastapi-users/fastapi-users/blob/bcee8c9b884de31decb5d799aead3974a0b5b158/fastapi_users/router/oauth.py#L57
- https://github.com/fastapi-users/fastapi-users/commit/7cf413cd766b9cb0ab323ce424ddab2c0d235932
- https://github.com/fastapi-users/fastapi-users/security/advisories/GHSA-5j53-63w8-8625
Description
FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code execution when the application launches.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account takeover by intercepting and using stolen reset tokens.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session hijacking.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=leonardo_company' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
