Luxury real estate, elevated service, and unmatched commitment to our clients and communities.
Savills is a global real estate advisor helping people thrive through places and spaces. With over 42,000 professionals in more than 700 offices across the Americas, Europe, Asia Pacific, Africa and the Middle East, we combine local knowledge with global insight to deliver tailored solutions that drive real impact. Headquartered in London and listed on the FTSE 250 (LON: SVS), we work with corporate, institutional and private clients to unlock the full potential of residential and commercial property. Whether you're a corporate looking to expand, an investor seeking to sustainably optimise your portfolio or a family trying to find a new home, we bring a truly personal approach to every project, delivering best-in-class insights and advice to help you make better property decisions.
Security & Compliance Standards Overview
No incidents recorded for Sereno in 2026.
No incidents recorded for Savills in 2026.
Sereno cyber incidents detection timeline including parent company and subsidiaries
Savills cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.
The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.
XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.
