Mercedes-Benz AG
Company Details
Linkedin ID:
mercedes-benz_ag
Website:
Employees number:
35,360
Number of followers:
2,246,561
NAICS:
3361
Industry Type:
Homepage:
mercedes-benz.com
IP Addresses:
0
Company ID:
MER_1045021
Scan Status:
In-progress
Mercedes-Benz AG Company CyberSecurity Posture
mercedes-benz.com
"Love of invention will never end." - Carl Benz Learn more about us as we continue to pioneer the future of driving excellence. Data privacy: mb4.me/provider_privacy Mercedes-Benz AG Mercedesstraße 120 70372 Stuttgart Germany Phone: +49 7 11 17-0 E-Mail: [email protected] For inquiries regarding the content on this website, please contact any of the provided contacts. You may address your concerns in English or your respective native language. Represented by the Board of Management: Ola Källenius, Chairman; Jörg Burzer, Mathias Geisen, Renata Jungo Brüngger, Markus Schäfer, Britta Seeger, Oliver Thöne, Harald Wilhelm Chairman of the Supervisory Board: Martin Brudermüller Court of Registry: Stuttgart; commercial register no. 76 2873 VAT ID: DE321281763
Mercedes-Benz AG A.I CyberSecurity Scoring
Mercedes-Benz AG Risk Score (AI oriented)Between 800 and 849
Mercedes-Benz AG
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Mercedes-Benz AG Global Score (TPRM)XXXX
Mercedes-Benz AG
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Mercedes-Benz AG Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Mercedes-Benz AG
Data Leak
Rankiteo Explanation
Attack without any consequences
Description: Owners of Mercedes-Benz vehicles have reported that the app they used to remotely find, unlock, and start their vehicles displayed information on other people's accounts and vehicles. Customers claimed that the Mercedes-Benz linked car app was accessing data from accounts other than their own and displaying names, recent activity, phone numbers, and other information for other car owners. The alleged security breach occurred late on Friday, and a few hours later the app was taken offline for site maintenance. The information shown was cached information; there was no real-time access to the account, no financial information could be viewed, and there was no way to interact with or locate the car connected to the account.
Mercedes-Benz AG Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Mercedes-Benz AG
Incidents vs Motor Vehicle Manufacturing Industry Average (This Year)
No incidents recorded for Mercedes-Benz AG in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Mercedes-Benz AG in 2025.
Incident Types Mercedes-Benz AG vs Motor Vehicle Manufacturing Industry Avg (This Year)
No incidents recorded for Mercedes-Benz AG in 2025.
Incident History — Mercedes-Benz AG (X = Date, Y = Severity)
Mercedes-Benz AG cyber incidents detection timeline including parent company and subsidiaries
Mercedes-Benz AG Company Subsidiaries
"Love of invention will never end." - Carl Benz Learn more about us as we continue to pioneer the future of driving excellence. Data privacy: mb4.me/provider_privacy Mercedes-Benz AG Mercedesstraße 120 70372 Stuttgart Germany Phone: +49 7 11 17-0 E-Mail: [email protected] For inquiries regarding the content on this website, please contact any of the provided contacts. You may address your concerns in English or your respective native language. Represented by the Board of Management: Ola Källenius, Chairman; Jörg Burzer, Mathias Geisen, Renata Jungo Brüngger, Markus Schäfer, Britta Seeger, Oliver Thöne, Harald Wilhelm Chairman of the Supervisory Board: Martin Brudermüller Court of Registry: Stuttgart; commercial register no. 76 2873 VAT ID: DE321281763
Loading...
Mercedes-Benz AG Similar Companies
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]
A USD 19.4 billion multinational group based in Mumbai, India, Mahindra provides employment opportunities to over 256,000 people across 100 countries. Mahindra operates in the key industries that drive economic growth, enjoying a leadership position in tractors, utility vehicles, information technol
Pirelli was founded in Milan in 1872 and today stands as a global brand known for its cutting-edge technology, high-end production excellence and passion for innovation that draws heavily on its Italian roots. With 18 production plants in 12 countries and a commercial presence in over 160, Pirelli h
TVS Motor Company
TVS Motor Company is a reputed two and three-wheeler manufacturer globally, championing progress through Mobility with a focus on sustainability. Rooted in our 100-year legacy of Trust, Value, and Passion for Customers and Exactness, we take pride in making internationally aspirational products of t
Adient
Adient (NYSE: ADNT) is a global leader in automotive seating. With 70,000+ employees in 29 countries, Adient operates more than 200 manufacturing/assembly plants worldwide. We produce and deliver automotive seating for all major OEMs. From complete seating systems to individual foam, trim and metal
At Cummins, we empower everyone to grow their careers through meaningful work, building inclusive and equitable teams, coaching, development and opportunities to make a difference. Across our entire organization, you'll find engineers, developers, and technicians who are innovating, designing, testi
MAHLE
MAHLE is a leading international development partner and supplier to the automotive industry with customers in both passenger car and commercial vehicle sectors. Founded in 1920, the technology group is working on the climate-neutral mobility of tomorrow, with a focus on the strategic areas of elect
Harley-Davidson Motor Company
In 1903, out of a small shed in Milwaukee, Wisconsin, four young men lit a cultural wildfire that would grow and spread across geographies and generations. Their innovation and imagination for what was possible on two wheels sparked a transportation revolution and lifestyle that would make Harley-Da
DENSO
DENSO is one of the world's largest automotive suppliers with a 75-year history of providing advanced automotive systems and technology to automakers worldwide. While our products are featured on nearly every vehicle make and model on the road today, we're also looking to innovate beyond automotive
General Motors
General Motors’ vision is to create a world with Zero Crashes, Zero Emissions and Zero Congestion, and we have committed ourselves to leading the way toward this future. Today, we are in the midst of a transportation revolution, and we have the ambition, the talent and the technology to realize the
.png)
Mercedes-Benz AG CyberSecurity News
December 09, 2025 02:15 PM
Coco Gauff inks deal to become global brand ambassador for Mercedes-Benz
After topping Sportico's list of highest-earning female athletes for the third straight year, Gauff has added another luxury brand to her...
December 01, 2025 08:00 AM
Hackers Allegedly Claim Breach of Mercedes-Benz USA Legal and Customer Data
A threat actor known as "zestix" has claimed responsibility for a significant data breach affecting Mercedes-Benz USA (MBUSA),...
November 20, 2025 08:00 AM
George Kurtz Becomes Co-Owner of Mercedes-AMG PETRONAS F1 Team Through Minority Acquisition in Toto Wolff Ownership Entity, Appointed Technology Advisor
The Mercedes-AMG PETRONAS F1 Team and George Kurtz, CEO and Founder of CrowdStrike, today announced that Kurtz has become a co-owner of the...
November 20, 2025 08:00 AM
Kurtz Becomes Co-Owner of Mercedes-AMG F1 Team
George Kurtz has become a minority owner of the Mercedes-AMG Formula 1 team, with the CrowdStrike co-founder and CEO personally purchasing a...
November 20, 2025 08:00 AM
F1: Crowdstrike Co-Founder George Kurtz Buys Toto Wolff's Stake in Mercedes' F1 Team
George Kurtz has brought Toto Wolff's 15% stake in Mercedes' Formula 1 team however the Austrian's role in the team will be unchanged.
November 19, 2025 08:00 AM
George Kurtz Appointed Technology Advisor and Joins the Team’s Long-Term Ownership Group
Business innovator and 24 Hours of Le Mans winner invests in the future of the Mercedes-AMG PETRONAS F1 Team.
November 12, 2025 08:00 AM
Mercedes F1’s Wolff in Talks to Sell Stake at $6 Billion Value
Mercedes Formula One Chief Executive Officer Toto Wolff is in talks to sell some of his stake in a deal that could value the team at a...
November 05, 2025 08:00 AM
Mercedes-Benz boosts efficiency with Celonis process intelligence
Mercedes-Benz enhances manufacturing efficiency and on-time delivery by integrating Celonis Process Intelligence across its global...
October 30, 2025 07:00 AM
Mercedes-Benz Group AG (MBGAF) Q3 2025 Earnings Call Highlights: Navigating Challenges with ...
Despite market headwinds, Mercedes-Benz Group AG (MBGAF) focuses on innovation and shareholder returns with a new share buyback program and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Mercedes-Benz AG CyberSecurity History Information
Official Website of Mercedes-Benz AG
The official website of Mercedes-Benz AG is http://www.mercedes-benz.com/.
Mercedes-Benz AG’s AI-Generated Cybersecurity Score
According to Rankiteo, Mercedes-Benz AG’s AI-generated cybersecurity score is 802, reflecting their Good security posture.
How many security badges does Mercedes-Benz AG’ have ?
According to Rankiteo, Mercedes-Benz AG currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Mercedes-Benz AG have SOC 2 Type 1 certification ?
According to Rankiteo, Mercedes-Benz AG is not certified under SOC 2 Type 1.
Does Mercedes-Benz AG have SOC 2 Type 2 certification ?
According to Rankiteo, Mercedes-Benz AG does not hold a SOC 2 Type 2 certification.
Does Mercedes-Benz AG comply with GDPR ?
According to Rankiteo, Mercedes-Benz AG is not listed as GDPR compliant.
Does Mercedes-Benz AG have PCI DSS certification ?
According to Rankiteo, Mercedes-Benz AG does not currently maintain PCI DSS compliance.
Does Mercedes-Benz AG comply with HIPAA ?
According to Rankiteo, Mercedes-Benz AG is not compliant with HIPAA regulations.
Does Mercedes-Benz AG have ISO 27001 certification ?
According to Rankiteo,Mercedes-Benz AG is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Mercedes-Benz AG
Mercedes-Benz AG operates primarily in the Motor Vehicle Manufacturing industry.
Number of Employees at Mercedes-Benz AG
Mercedes-Benz AG employs approximately 35,360 people worldwide.
Subsidiaries Owned by Mercedes-Benz AG
Mercedes-Benz AG presently has no subsidiaries across any sectors.
Mercedes-Benz AG’s LinkedIn Followers
Mercedes-Benz AG’s official LinkedIn profile has approximately 2,246,561 followers.
NAICS Classification of Mercedes-Benz AG
Mercedes-Benz AG is classified under the NAICS code 3361, which corresponds to Motor Vehicle Manufacturing.
Mercedes-Benz AG’s Presence on Crunchbase
No, Mercedes-Benz AG does not have a profile on Crunchbase.
Mercedes-Benz AG’s Presence on LinkedIn
Yes, Mercedes-Benz AG maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mercedes-benz_ag.
Cybersecurity Incidents Involving Mercedes-Benz AG
As of December 21, 2025, Rankiteo reports that Mercedes-Benz AG has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Mercedes-Benz AG has an estimated 12,716 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Mercedes-Benz AG ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
How does Mercedes-Benz AG detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with app taken offline for site maintenance..
Incident Details
Can you provide details on each incident ?
Title: Mercedes-Benz Linked Car App Data Breach
Description: Owners of Mercedes-Benz vehicles have reported that the app they used to remotely find, unlock, and start their vehicles displayed information on other people's accounts and vehicles.
Date Detected: Late on Friday
Type: Data Breach
Attack Vector: Application Vulnerability
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach MER71318423
Data Compromised: Names, Recent activity, Phone numbers
Systems Affected: Mercedes-Benz Linked Car App
Downtime: App taken offline for site maintenance
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Recent Activity, Phone Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach MER71318423
Entity Name: Mercedes-Benz
Entity Type: Company
Industry: Automotive
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach MER71318423
Containment Measures: App taken offline for site maintenance
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach MER71318423
Type of Data Compromised: Names, Recent activity, Phone numbers
Personally Identifiable Information: NamesPhone Numbers
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by app taken offline for site maintenance.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on Late on Friday.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Recent Activity, Phone Numbers and .
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was App taken offline for site maintenance.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Recent Activity, Phone Numbers and Names.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Description
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L104
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L94
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3420841%40ajax-search-for-woocommerce%2Ftrunk&old=3398612%40ajax-search-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=#file136
- https://wordpress.org/plugins/ajax-search-for-woocommerce
- https://www.wordfence.com/threat-intel/vulnerabilities/id/8149103e-105d-401d-8a15-b07d131baaac?source=cve
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/class-functions.php#L41
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-ajax-common.php#L61
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L205
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L2795
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/templates/members.php#L26
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3421362%40ultimate-member%2Ftrunk&old=3408617%40ultimate-member%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/61337d2d-d15a-45f2-b730-fc034eb3cd31?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mercedes-benz_ag' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
