What is the official website of Saint-Gobain UK & Ireland ?

The official website of Saint-Gobain UK & Ireland is http://www.saint-gobain.co.uk/.

What is Saint-Gobain UK & Ireland's cybersecurity risk score?

Saint-Gobain UK & Ireland has an AI-generated cybersecurity risk score of 758 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Saint-Gobain UK & Ireland experienced?

According to Rankiteo, Saint-Gobain UK & Ireland currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Saint-Gobain UK & Ireland been affected by any supply chain cyber incidents ?

According to Rankiteo, Saint-Gobain UK & Ireland has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Cisco (Incident ID: CISSAI1773859283) Cisco (Incident ID: KET5232452102025)

Does Saint-Gobain UK & Ireland have SOC 2 Type 1 certification ?

According to Rankiteo, Saint-Gobain UK & Ireland is not certified under SOC 2 Type 1.

Does Saint-Gobain UK & Ireland have SOC 2 Type 2 certification ?

According to Rankiteo, Saint-Gobain UK & Ireland does not hold a SOC 2 Type 2 certification.

Does Saint-Gobain UK & Ireland comply with GDPR ?

According to Rankiteo, Saint-Gobain UK & Ireland is not listed as GDPR compliant.

Does Saint-Gobain UK & Ireland have PCI DSS certification ?

According to Rankiteo, Saint-Gobain UK & Ireland does not currently maintain PCI DSS compliance.

Does Saint-Gobain UK & Ireland comply with HIPAA ?

According to Rankiteo, Saint-Gobain UK & Ireland is not compliant with HIPAA regulations.

Does Saint-Gobain UK & Ireland have ISO 27001 certification ?

According to Rankiteo,Saint-Gobain UK & Ireland is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Saint-Gobain UK & Ireland operate in ?

Saint-Gobain UK & Ireland operates primarily in the Construction industry.

How many employees does Saint-Gobain UK & Ireland have ?

Saint-Gobain UK & Ireland employs approximately 1,394 people worldwide.

Does Saint-Gobain UK & Ireland own any subsidiaries ?

Saint-Gobain UK & Ireland presently has no subsidiaries across any sectors.

How many LinkedIn followers does Saint-Gobain UK & Ireland have ?

Saint-Gobain UK & Ireland's official LinkedIn profile has approximately 33,551 followers.

What is the NAICS classification code for Saint-Gobain UK & Ireland ?

Saint-Gobain UK & Ireland is classified under the NAICS code 23, which corresponds to Construction.

Does Saint-Gobain UK & Ireland have a Crunchbase profile ?

No, Saint-Gobain UK & Ireland does not have a profile on Crunchbase.

Does Saint-Gobain UK & Ireland have a LinkedIn profile ?

Yes, Saint-Gobain UK & Ireland maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/saint-gobain-uk-&-ireland.

How many cybersecurity incidents has Saint-Gobain UK & Ireland experienced ?

As of June 30, 2026, Rankiteo reports that Saint-Gobain UK & Ireland has experienced 3 cybersecurity incidents.

How many peer or competitor companies does Saint-Gobain UK & Ireland have ?

Saint-Gobain UK & Ireland has an estimated 39,782 peer or competitor companies worldwide.

What types of cybersecurity incidents has Saint-Gobain UK & Ireland faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability and Ransomware.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

SUI

Boost Score +25 with badge (5 left)

758

/1000

Fair

783

/1000

Fair

Saint-Gobain UK & Ireland Vendor Cyber Rating & Cyber Score

saint-gobain.co.uk

Add Your Compliance Badge

Worldwide leader in light and sustainable construction, Saint-Gobain designs, manufactures and distributes solutions for construction and industry. They can be found everywhere in our living places and our daily life: in buildings, transportation, infrastructure and in many industrial applications. They provide comfort, performance and safety while addressing the challenges of sustainable construction, resource efficiency and climate change. Saint-Gobain was founded in 1665 to deliver a world first – the production of glass on an industrial scale - and has continued to grow its business through adapting and innovating to provide new services, products and ways of working with customers. Saint-Gobain in the UK and Ireland includes some

SUI A.I CyberSecurity Scoring

Scoring History

SUI

Saint-Gobain UK & Ireland CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Saint-Gobain

Vulnerability

100

1/2026

Cisco

CISSAI177385928...

Saint-Gobain

Ransomware

100

10/2025

Cisco

KET523245210202...

Saint-Gobain

Ransomware

100

1/2024

SAITEX177341231...

Loading…

A.I.

SUI Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for SUI

Incidents vs Construction Industry Avg (This Year)

No incidents recorded for Saint-Gobain UK & Ireland in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Saint-Gobain UK & Ireland in 2026.

Incident Types SUI vs Construction Industry Avg (This Year)

No incidents recorded for Saint-Gobain UK & Ireland in 2026.

Incident History - SUI (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Saint-Gobain UK & Ireland Subsidiaries

SUI

Construction

Website: http://www.saint-gobain.co.uk/

Company Size: 1,394

Saint-GobainWholesale Building Materials

Saint-Gobain ItaliaWholesale Building Materials

Saint-Gobain GCCWholesale Building Materials

Saint-Gobain Group in IndiaWholesale Building Materials

Saint-Gobain India Private Limited - Glass BusinessGlass, Ceramics and Concrete Manufacturing

Saint-Gobain Research IndiaResearch Services

Saint-Gobain Weber IndiaConstruction

Saint-Gobain International IT Delivery CentreIT Services and IT Consulting

Norton Abrasives IndiaMechanical Or Industrial Engineering

Performance Plastics - Saint-Gobain IndiaPlastics Manufacturing

Saint-Gobain India - Architectural Window FilmWholesale Building Materials

Saint-Gobain Eastern Mediterranean and Middle EastWholesale Building Materials

Saint-Gobain ArgentinaConstruction

Weber® ArgentinaConstruction

ISOVER® ArgentinaConstruction

Saint-Gobain PAM - Argentina, Bolivia, Chile, Paraguay y UruguayWholesale Building Materials

Saint-Gobain IndonesiaWholesale Building Materials

Saint-Gobain North AmericaWholesale Building Materials

Saint-Gobain SekuritGlass, Ceramics and Concrete Manufacturing

Saint-Gobain BrasilWholesale Building Materials

CebraceGlass, Ceramics and Concrete Manufacturing

QuartzolitWholesale Building Materials

Saint-Gobain AbrasivosConstruction

Norton Saint-Gobain BrasilConstruction

Saint-Gobain Abrasivos - AdhesivosWholesale Building Materials

JunduMining

Saint-Gobain Glass BrasilFabricação de vidro, cerâmica e concreto

Sekurit Service BrasilMotor Vehicle Parts Manufacturing

Isover BrasilConstruction

PLACO®Building Materials

Isover FranceBuilding Materials

Saint-Gobain PAM CanalisationUtilities

Saint-Gobain PAM Deutschland GmbHBuilding Materials

Saint-Gobain PAM PolskaWholesale Building Materials

Saint-Gobain PAM Nederland B.V.Wholesale

Saint-Gobain PAM EspañaWholesale Building Materials

Saint-Gobain PAM ItalyRenewable Energy Semiconductor Manufacturing

Saint-Gobain PAM FinlandWholesale Building Materials

Saint-Gobain PAM NorgeConstruction

Saint-Gobain PAM BelgiumWholesale Building Materials

SAINT-GOBAIN PAM CZ Construction

Saint-Gobain Gulf CountriesWholesale Building Materials

Saint-Gobain PortugalConstruction

Leca PortugalBuilding Materials

Glassdrive PortugalMotor Vehicle Manufacturing

CASA Saint-GobainConstruction

Saint-Gobain Research ParisResearch Services

Saint-Gobain RomaniaWholesale Building Materials

Saint-Gobain PolandWholesale Building Materials

Saint-Gobain TürkiyeBuilding Materials

Saint-Gobain Česká republikaConstruction

Saint-Gobain Football CupWholesale Building Materials

SAINT-GOBAIN THAILANDBuilding Materials

Saint-Gobain Research CompiegneResearch Services

PAM Building France Construction

Saint-Gobain Research ProvenceResearch Services

Clipper Coramine (Saint-Gobain)Construction

Saint-Gobain SEVAMechanical Or Industrial Engineering

Saint-Gobain DeutschlandWholesale Building Materials

Saint-Gobain Ecophon FranceWholesale Building Materials

Saint-Gobain BulgariaBuilding Materials

Saint-Gobain EurocousticGlass, Ceramics and Concrete Manufacturing

Saint-Gobain FoundationNon-profit Organizations

NOVA by Saint-GobainVenture Capital and Private Equity Principals

Saint-Gobain FinlandWholesale Building Materials

PasquillWholesale Building Materials

Saint-Gobain Weber UK & IrelandWholesale Building Materials

British GypsumBuilding Materials

Saint-Gobain PAM UKUtilities

Loading…

Saint-Gobain UK & Ireland Similar Companies

STRABAG

cb strabag.com

At STRABAG around 86,000 people working on progress at more than 2,400 locations worldwide. Uniqueness and individual strengths characterise both our projects and each of us as individuals. Whether its building construction, civil engineering, road construction, underground engineering, bridge building, tunnelling, construction material production, project development or building management – we are always one step ahead so that we can become the most innovative and sustainable construction technology company in Europe. Diversity, inclusion and equal opportunities are integral to this, who we are as a company and how we work. Together we work as partners to complete projects successfully and grow with new challenges. Together we achieve great things. Let’s progress!

Holcim

holcim.com

Holcim is the leading partner for sustainable construction with net sales of CHF 15.7 billion in 2025, creating value across the built environment from infrastructure and industry to buildings. We have more than 45 000 employees in 43 attractive markets – across Europe, Latin America and Asia, Middle East & Africa – and have been recognized as a Global Top Employer by the Top Employers Institute. Holcim offers high-value end-to-end Building Materials and Building Solutions, from foundations and flooring to walling and roofing – powered by premium brands including ECOPact, ECOPlanet and ECOCycle.

Royal BAM Group

bam.com

🏗️ Building a sustainable tomorrow at BAM! As leaders in the construction industry, we are committed to pioneering sustainable practices that not only enhance our projects but also contribute to a better future for generations to come. Our strategy revolves around focusing to protect profitability, transforming to strengthen competitive advantage, and expanding for future growth. Join us in making possible by prioritising sustainability in everything we do. 🌍

NCC

ncc.com

NCC is one of the leading construction companies in the Nordics. Based on its expertise in managing complex construction processes, NCC contributes to a positive impact of construction for its customers and society. NCC is one of the largest players in the Nordic construction market, and operates in Sweden, Norway, Denmark and Finland. Operations include building and infrastructure project contracting, asphalt and stone materials production, and commercial property development. In 2024, NCC had a turnover of about SEK 62 bn and 11,800 employees. NCC Infrastructure We build infrastructure for travel, transportation, energy and water throughout the Nordic region. NCC Building Sweden Builds and renovates sustainable housing, offices, healthcare buildings, schools, sports facilities and public buildings for public and private customers in Sweden. NCC Building Nordics Builds and renovates sustainable housing, offices, healthcare buildings, schools, sports facilities and public buildings for public and private customers in Denmark, Finland and Norway. NCC Industry Offers products and services for construction and infrastructure projects in Sweden, Norway, Denmark and Finland. Operations comprise production of stone materials and asphalt products and paving works. NCC Property Development Develops and sells commercial properties in defined growth markets in the Nordic region. NCC Green Industry Transformation In 2024, NCC established a new business area, NCC Green Industry Transformation, that will support industry players in the green transition. We as a company will never become better than our employees. One of our main objectives is therefore to be the industry leader in recruiting, retaining and developing employees. NCC can offer you a varied work life, with unique construction projects and inspiring challenges. Welcome to a corporate culture based on clear values and a strong team spirit.

Hilti Group

hilti.group

Hilti stands for innovation and direct customer relationships. About 34,000 employees around the world, in more than 120 countries, contribute to making our customers’ work more productive, safer and more sustainable. We do this with our hardware, software and service offering. With roughly 280,000 customer contacts each day, many ideas come directly from our customers. If there is a challenge for which no Hilti solution exists, one will be developed. This is why we invest approximately 6 percent of sales each year in research and development. From product development to manufacturing, logistics, sales and services, we cover the entire value-added chain. We aim to be our customers' best partner for productivity, safety and sustainability. We aim to be the best partner in making construction better. For unique and diverse career opportunities, take a look at our worldwide vacancies at https://careers.hilti.group/en/jobs/.

Consolidated Contractors Company

ccc.net

Consolidated Contractors International company is a leading diversified company carrying out construction, engineering, procurement, development and investment activities internationally. We are committed to providing reliable, amicable, and professional service to our valuable clients, and to being supportive to local businesses and social activities, being friendly to the environment as well as being proactive in the socio-economic environments within which we operate. Our appreciation of our clients' interests, evidenced by meeting their requirements and ensuring high quality work, is the prime directive of our management. Our growth and profitability are maintained through innovation, technical enhancement, and adaptability to all our markets. Our profitability is directed towards sustaining growth and to providing satisfactory returns to our shareholders. Our commitment to growth is firmly linked to our commitment to our employees' continuous development and rewarding careers. We are also devoted to our employee's safety and health, job security, and welfare. Our strength emanates from our distinct culture, strong and close relationships with our clients, employees' competence and loyalty, entrepreneurial and flexible management, capability, dynamism, focus on quality and safety, and commercial acumen.

International Brotherhood of Electrical Workers (IBEW)

cb ibew.org

The IBEW represents 860,000 active. and retired who work in a wide variety of fields, including utilities, construction, telecommunications, broadcasting, manufacturing, railroads and government. The IBEW has members in both the United States and Canada and stands out among the American unions in the AFL-CIO because it is among the largest and has members in so many skilled occupations. As union members, we bargain collectively with our employers over wages, benefits, and rights. Most of us have very limited bargaining power as one person, but as a group, we are strong. And, with a good negotiated contract, we have legal protections we would not have otherwise. Follow us on: Twitter: https://twitter.com/IBEW Facebook: https://www.facebook.com/IBEWFB YouTube: http://www.youtube.com/user/TheElectricalWorker

VINCI Construction

vinci-construction.com

Premier groupe français et acteur mondial de premier plan de la construction, VINCI Construction réunit plus de 830 entreprises et près de 69000 collaborateurs dans une centaine de pays. Ses expertises s’étendent à l’ensemble des métiers du bâtiment, du génie civil, et des activités spécialisées associés à la construction VINCI Construction se caractérise, outre l’étendue de sces expertises, par un modèle économique articulé en trois composantes complémentaires. Un réseau de filiales locales :  - en France, avec VINCI Construction France, qui dispose en métropole d’un réseau solidement ancré de 450 centres de profit, et VINCI Construction Dom-Tom, représenté par une trentaine de filiales locales implantées dans les départements, territoires et collectivités d’outre-mer ;  - à l’international, avec VINCI Construction UK au Royaume-Uni; avec Warbud, SMP, Prumstav, SMS et APS Alkon en Europe centrale et enfin avec Sogea-Satom en Afrique ; Des métiers de spécialités exercés à l’échelle mondiale : Soletanche Freyssinet (fondations et technologies du sol, structures, nucléaire) ; Entrepose Contracting (infrastructures parapétrolières et gazières) ; Une division dédiée au management et à la réalisation de projets complexes, avec VINCI Construction Grands Projets, VINCI Construction Terrassement et Dodin Campenon Bernard, qui interviennent sur le marché des grands ouvrages de génie civil et de bâtiment, en France et à l’international. VINCI Construction est le creuset de la culture d’entrepreneur du Groupe et de son schéma de management, qui conjugue décentralisation, travail en réseau, autonomie et responsabilité individuelle de l’encadrement, valorisation des hommes et réactivité des organisations.

Kiewit

kiewit.com

At Kiewit, the projects we deliver make a difference, and we offer opportunities for you to make one, too. Our construction and engineering professionals work on some of the industry’s most complex, challenging and rewarding projects – whether it’s boring tunnels through mountains, turning rivers into energy, or building bridges that connect communities. Kiewit people tackle important projects of every size, in any market. Start your Kiewit adventure today at kiewitjobs.com. Kiewit is one of North America’s largest and most respected construction and engineering organizations. With its roots dating back to 1884, the employee-owned organization operates through a network of subsidiaries in the United States, Canada, and Mexico. Kiewit offers construction and engineering services in a variety of markets including transportation; oil, gas and chemical; power; building; marine; water/wastewater; industrial; and mining. We are an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

Loading…

NEWS

Saint-Gobain UK & Ireland CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

December 03, 2025 09:16 AM

Saint-Gobain Glass wins G25 Sustainability Award for second year

Saint-Gobain Glass has been named winner of the Sustainability Initiative of the Year category at the prestigious G25 Awards, securing the...

Read Article

December 01, 2025 07:00 AM

Saint-Gobain Glass wins two 2025 Glass Focus Awards

Saint-Gobain Glass is celebrating double success at this year's Glass Focus Awards, organised by British Glass, after being named the winner...

Read Article

November 21, 2025 08:00 AM

Saint-Gobain UK & Ireland appoints Dean O'Sullivan as new CEO

Saint-Gobain UK & Ireland has appointed DEAN O'SULLIVAN as CEO for its UK & Ireland business following the retirement of long-standing CEO,...

Read Article

October 29, 2025 07:00 AM

Saint-Gobain secure centre stage spot at UKREiiF 2026

UKREiiF has announced that Saint-Gobain UK has secured a pavilion at the annual event taking place between 19-21 May 2026, in Leeds.

Read Article

October 24, 2025 07:00 AM

Saint-Gobain Glass UK shortlisted for four Glass Focus Awards 2025

Saint-Gobain Glass UK has been shortlisted in four categories at this year's Glass Focus Awards, organised by British Glass, recognising the...

Read Article

October 17, 2025 07:00 AM

Facades to suit every European market

With EnveoVent, Saint-Gobain is deploying a sales strategy that offers high-performance facade solutions adapted to local conditions.

Read Article

October 13, 2025 07:00 AM

Dean O’Sullivan joins Saint-Gobain UK & Ireland as new CEO

Following the retirement of Mike Chaldecott after 42 years, Saint-Gobain UK & Ireland has appointed Dean O'Sullivan as CEO · Dean is an...

Read Article

October 10, 2025 07:00 AM

New chief exec named at Saint-Gobain UK & Ireland

New chief exec named at Saint-Gobain UK & Ireland ... Dean O'Sullivan has stepped into the role of CEO at multinational construction materials...

Read Article

October 10, 2025 07:00 AM

Saint-Gobain names Chaldecott's successor

Building products giant Saint-Gobain has appointed Dean O'Sullivan as chief executive of its UK & Ireland business.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-8023

SUMMARY

Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM is enabled) that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-controlled request path into client-url_buffer (assembled in on_url() for HTTP/1 and copied verbatim from the :path pseudo-header for HTTP/2) without resolving ./.. segments. The static-FS handler then built the on-disk filename by directly concatenating the configured root with that raw URL (snprintk(fname, ..., "%s%s", static_fs_detail-fs_path, client-url_buffer) at http_server_http1.c:603 and http_server_http2.c:490) and opened it with fs_open(fname, FS_O_READ). Because the handler is reached via wildcard/leading-dir (fnmatch FNM_LEADING_DIR) or fallback resource matching, a request such as GET /<prefix/../../<file is dispatched to the handler and, after the underlying filesystem (e.g. LittleFS/FAT) resolves the .. segments, escapes the configured web root, letting an unauthenticated remote client read arbitrary readable files on the mounted volume (information disclosure). The HTTP server requires no TLS or authentication to reach this path. The fix adds http_server_remove_dot_segments(), which canonicalizes the path portion of the URL before resource lookup in both protocol handlers, neutralizing the traversal. Affects releases v4.0.0 through v4.4.0 for deployments that register a static-filesystem resource.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 7.5)

cvss3

Base Score: 7.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score

3.6

Exploitability

3.9

REFERENCES

CVE-2026-7656

SUMMARY

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was '((length/hop/source/target checks) && (icmp_hdr-code != 0))'. Because every legitimate ND message carries ICMPv6 code 0, an attacker setting code == 0 (the normal value) caused the entire predicate to evaluate false, so the packet was never dropped and all of the other checks were silently skipped. The bypassed checks include the mandatory Hop Limit == 255 verification (which proves an ND packet originated on-link and was not forwarded) and, for Router Advertisements, the requirement that the source be a link-local address, as well as multicast-target sanity checks. As a result, an adjacent on-link attacker — and, because the Hop-Limit-255 guard is bypassed, potentially a remote/off-link attacker whose packets would otherwise be rejected — can have forged Router Advertisement, Neighbor Solicitation, and Neighbor Advertisement messages accepted. A forged RA lets the attacker reconfigure the victim's default router, on-link prefixes (SLAAC), MTU, reachable/retransmit timers, and (with CONFIG_NET_IPV6_RA_RDNSS) DNS servers, while forged NS/NA enable neighbor-cache poisoning, enabling man-in-the-middle, traffic redirection, and denial of service. The flaw is an input-validation/authentication weakness rather than a memory-safety issue: the underlying packet-parsing primitives (net_pkt_get_data, net_pkt_read, net_pkt_skip) are independently bounds-safe and the validated 'length' is the true buffer length, so skipping the length check causes no out-of-bounds access. The defect has existed since the logic was introduced in 2018 and shipped in all releases through v4.4.0; it is fixed by splitting the condition so any failing check drops the packet.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 8.1)

cvss3

Base Score: 8.1

Complexity: LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Impact Score

5.2

Exploitability

2.8

REFERENCES

CVE-2026-51219

SUMMARY

A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

CVE-2026-51218

SUMMARY

A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

CVE-2026-10648

SUMMARY

mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before checking it for NULL. smp_packet_alloc() uses net_buf_alloc(K_NO_WAIT) against the shared MCUmgr packet pool (CONFIG_MCUMGR_TRANSPORT_NETBUF_COUNT, default 4), which returns NULL when the pool is exhausted. In default builds the __ASSERT_NO_MSG in net_buf_reset is a no-op, so net_buf_simple_reset writes through the NULL pointer (buf->len = 0; buf->data = buf->__buf), causing a fault/crash. The fragment data reaches this code from attacker-controlled bytes on the MCUmgr serial/UART/shell-console transports (smp_uart.c, smp_raw_uart.c, smp_shell.c), and a fresh buffer is allocated at the start of essentially every new packet. An attacker on the serial/console link can flood the transport to drive the 4-entry buffer pool to exhaustion and induce the NULL dereference, crashing the device (denial of service). The defect was introduced after the original MCUmgr rework and shipped in Zephyr v4.4.0. The fix moves the NULL check ahead of net_buf_reset.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 6.2)

cvss3

Base Score: 6.2

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score

3.6

Exploitability

2.5

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…