Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Raspberry Pi

Raspberry Pi Vendor Cyber Rating & Cyber Score

raspberrypi.com

Whatever your application and whatever your scale, Raspberry Pi offers cost‑effective, high‑performance computing for businesses and the home. Designed and manufactured in the UK.


Raspberry Pi A.I CyberSecurity Scoring

Raspberry Pi
Company Information
Website:http://www.raspberrypi.com
Employees number:198
Number of followers:148,034
NAICS:3341
Industry Type:Computer Hardware Manufacturing
Homepage:raspberrypi.com
Raspberry Pi Risk Score (AI oriented)
Between 750 and 799
logo
Raspberry PiComputer Hardware Manufacturing
Updated:
16/05/2026
757/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Raspberry Pi Global Score (TPRM)
xxxx
logo
Raspberry PiComputer Hardware Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Raspberry Pi
Raspberry PiFair
Current Score
757Baa (FAIR)
01000
1 incidents
-4 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
759Before Incident
JUNE 2026
759Before Incident
MAY 2026
761Before Incident
Vulnerability
14 May 2026Raspberry Pi
Debian, Ubuntu and Raspberry Pi OS: Critical Linux Kernel Flaw ‘ssh-keysign-pwn’ Exposes SSH Keys and Shadow Passwords

Critical Linux Kernel Flaw Exposes SSH Keys and Password Hashes (CVE-2026-46333)

757After Incident
CRITICAL-4
UBURASDEB1778919975
Critical Linux Kernel Flaw Exposes SSH Keys and Password Hashes A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333 and dubbed "ssh-keysign-pwn," allows attackers to extract highly sensitive data including SSH private keys and password hashes from affected systems. The flaw stems from a race condition in the kernel’s ptrace access control logic, specifically within the `__ptrace_may_access()` function. ### How the Exploit Works The vulnerability arises when a privileged process (e.g., ssh-keysign or chage) shuts down. During this brief window, its memory context is cleared (mm = NULL), but its file descriptors remain open. An unprivileged local attacker can exploit this gap using `pidfd_getfd()` to steal these descriptors, bypassing intended permission checks. A proof-of-concept (PoC) exploit on GitHub demonstrates how attackers can repeatedly spawn processes to race against a privileged helper’s exit, successfully extracting file descriptors in 100–2000 attempts making it a practical threat. ### Impact & Risks - SSH Private Key Theft: Enables attackers to impersonate systems or users, conduct man-in-the-middle (MitM) attacks, and move laterally across networks. - Password Hash Exposure: Full read access to `/etc/shadow`, allowing offline cracking of credentials. - Cascading Compromises: Since SSH keys are often reused, a single breach can lead to wider network access. ### Affected Systems The flaw impacts most Linux distributions running kernels before the May 14, 2026 patch, including: - Ubuntu - Debian - Arch Linux - CentOS - Raspberry Pi OS Given the vulnerability’s six-year existence, many long-term deployments remain exposed. ### Mitigation & Response - Apply kernel patches for CVE-2026-46333. - Rotate all SSH keys, particularly on critical systems. - Audit access to sensitive files like `/etc/shadow`. - Monitor for suspicious `ptrace` or `pidfd` system calls. - Restrict local user access where possible, as exploitation requires local presence. With a public PoC exploit already available, the risk of active exploitation in the wild is heightened, underscoring the urgency for remediation.
INCIDENT DETAILS -
TYPE
Privilege Escalation
IMPACT
Data Compromised: SSH private keys, password hashes (/etc/shadow)Systems Affected: Linux systems running kernels before May 14, 2026 patchOperational Impact: Lateral movement, man-in-the-middle attacks, credential crackingIdentity Theft Risk: High (SSH key impersonation, password cracking)
DATA BREACH
SSH private keysPassword hashesSensitivity Of Data: High (SSH keys, password hashes)/etc/shadow
APRIL 2026
760Before Incident
MARCH 2026
760Before Incident
FEBRUARY 2026
760Before Incident
JANUARY 2026
760Before Incident
DECEMBER 2025
760Before Incident
NOVEMBER 2025
760Before Incident
OCTOBER 2025
760Before Incident
SEPTEMBER 2025
760Before Incident
AUGUST 2025
760Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Raspberry Pi ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Raspberry Pi's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Raspberry Pi's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Raspberry Pi ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Raspberry Pi's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?