What is the official website of Spacewell ?

The official website of Spacewell is https://spacewell.com.

What is Spacewell's cybersecurity risk score?

Spacewell has an AI-generated cybersecurity risk score of 752 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Spacewell experienced?

According to Rankiteo, Spacewell currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Spacewell been affected by any supply chain cyber incidents ?

According to Rankiteo, Spacewell has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Spacewell have SOC 2 Type 1 certification ?

According to Rankiteo, Spacewell is not certified under SOC 2 Type 1.

Does Spacewell have SOC 2 Type 2 certification ?

According to Rankiteo, Spacewell does not hold a SOC 2 Type 2 certification.

Does Spacewell comply with GDPR ?

According to Rankiteo, Spacewell is not listed as GDPR compliant.

Does Spacewell have PCI DSS certification ?

According to Rankiteo, Spacewell does not currently maintain PCI DSS compliance.

Does Spacewell comply with HIPAA ?

According to Rankiteo, Spacewell is not compliant with HIPAA regulations.

Does Spacewell have ISO 27001 certification ?

According to Rankiteo,Spacewell is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Spacewell operate in ?

Spacewell operates primarily in the IT Services and IT Consulting industry.

How many employees does Spacewell have ?

Spacewell employs approximately 216 people worldwide.

Does Spacewell own any subsidiaries ?

Spacewell presently has no subsidiaries across any sectors.

How many LinkedIn followers does Spacewell have ?

Spacewell's official LinkedIn profile has approximately 12,336 followers.

What is the NAICS classification code for Spacewell ?

Spacewell is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.

Does Spacewell have a Crunchbase profile ?

Yes, Spacewell has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/mcs-solutions.

Does Spacewell have a LinkedIn profile ?

Yes, Spacewell maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/spacewell-a-nemetschek-company.

How many cybersecurity incidents has Spacewell experienced ?

As of June 30, 2026, Rankiteo reports that Spacewell has not experienced any cybersecurity incidents.

How many peer or competitor companies does Spacewell have ?

Spacewell has an estimated 40,873 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Spacewell

Boost Score +25 with badge (5 left)

752

/1000

Fair

777

/1000

Fair

Spacewell Vendor Cyber Rating & Cyber Score

spacewell.com

cb in

Add Your Compliance Badge

Spacewell, a Nemetschek Group company, is a technology and consulting firm, supporting its clients across the globe to improve the performance of their building portfolios. Our core purpose is to make buildings work harder for their occupants by unlocking the power of building data. We assist our clients to optimize their facility operations and achieve bottom-line savings. And we help them create workplaces that offer the agility, flexibility, and connectivity needed to support new ways of working. The Spacewell offering consists of: - IoT-connected Spacewell Workplace SaaS platform for - Workplace Analytics - Workplace Experience - Workplace Management - AI-powered Energy management software

Spacewell A.I CyberSecurity Scoring

Scoring History

Spacewell

Spacewell CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

Spacewell Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Spacewell

Incidents vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Spacewell in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Spacewell in 2026.

Incident Types Spacewell vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Spacewell in 2026.

Incident History - Spacewell (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Spacewell Subsidiaries

Parent Company

Spacewell

IT Services and IT Consulting

Website: https://spacewell.com

Company Size: 201-500 employees

No subsidiary data available for this company.

Loading…

Spacewell Similar Companies

Capgemini

capgemini.com

Capgemini is an AI-powered global business and technology transformation partner, delivering tangible business value. We imagine the future of organizations and make it real with AI, technology and people. With our strong heritage of nearly 60 years, we are a responsible and diverse group of 420,000 team members in more than 50 countries. We deliver end-to-end services and solutions with our deep industry expertise and strong partner ecosystem, leveraging our capabilities across strategy, technology, design, engineering and business operations. The Group reported 2024 global revenues of €22.1 billion. Make it real | www.capgemini.com

Accenture in India

accenture.com

Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Interactive, Technology and Operations services — all powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities. Visit us at accenture.com.

Indra

cb indragroup.com

Indra Group (https://www.indragroup.com/) is the foremost Spanish multinational and one of the leading European companies that focus on defence and advanced technologies. It stands at the forefront of the defence, space, air traffic management, mobility, and Information Technology businesses through Minsait, and it integrates its sovereign AI, cybersecurity and cyberdefence capabilities into IndraMind. Indra Group is paving the way to a more secure and better-connected future through innovative solutions, trusted relationships and the very best talent. Sustainability is an integral part of its strategy and culture in order to overcome current and future social and environmental challenges. At the close of the 2024 financial year, Indra Group posted revenues of €4.843 billion and had a local presence in 46 countries and business operations in over 140 countries.

Canon EMEA

canon-europe.com

We are Canon Europe. We are the world's best imaging company. This page represents our offices in Europe, the Middle East and Africa. Founded in 1937, the desire to continuously innovate has kept Canon at the forefront of imaging excellence throughout its 85-year history and has commitments to invest in the right areas and capture growth opportunities. From cameras to commercial printers, and business consultancy to healthcare technologies, Canon enriches lives and businesses through imaging innovation. Canon’s corporate philosophy is Kyosei – ‘living and working together for the common good’. In EMEA, Canon Europe pursues sustainable business growth, focusing on reducing its own environmental impact and supporting customers to reduce theirs using Canon’s products, solutions and services. Canon Europe has operations in roughly 120 countries, with approximately 13,500 employees and contributes to around a quarter of Canon’s global revenues annually.

CenturyLink

centurylink.com

CenturyLink (NYSE: CTL) is a technology leader delivering hybrid networking, cloud connectivity, and security solutions to customers around the world. Through its extensive global fiber network, CenturyLink provides secure and reliable services to meet the growing digital demands of businesses and consumers. CenturyLink strives to be the trusted connection to the networked world and is focused on delivering technology that enhances the customer experience. Learn more at http://news.centurylink.com/.

Amadeus

amadeus.com

We make the experience of travel better for everyone, everywhere by inspiring innovation, partnerships and responsibility to people, places and planet. Our technology powers the travel and tourism industry. We inspire more connected ways of thinking, centered around the traveler. Our platform connects the travel and hospitality ecosystem. We are making travel a force for social and environmental good. We are passionate about travel. With a unique perspective, at the heart of our industry, we are redesigning the travel of tomorrow.

Globant

cb globant.link

At Globant, we create the digitally-native products that people love. We bridge the gap between businesses and consumers through technology and creativity, leveraging our experience as an AI powerhouse. We dare to digitally transform organizations and strive to delight their customers. - We have more than 30,000 employees and are present in 33 countries across 5 continents, working for companies like Google, Electronic Arts, and Santander, among others. - We were named a Worldwide Leader in AI Services (2023) and a Worldwide Leader in CX Improvement Services (2020) by IDC MarketScape report. - We are the fastest-growing IT brand and the 5th strongest IT brand globally (2024), according to Brand Finance. - We were featured as a business case study at Harvard, MIT, and Stanford. - We are active members of The Green Software Foundation (GSF) and the Cybersecurity Tech Accord. For more information, visit https://bit.ly/globant_com Follow us: http://www.twitter.com/globant http://www.youtube.com/Globant http://www.facebook.com/Globant https://instagram.com/Globant https://www.tiktok.com/@globant

Infosys

infosys.com

Infosys is a global leader in next-generation digital services and consulting. We enable clients in more than 50 countries to navigate their digital transformation. With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem. Visit www.infosys.com to see how Infosys (NYSE: INFY) can help your enterprise navigate your next.

Ingram Micro

ingrammicro.com

Ingram Micro is a leading technology company for the global information technology ecosystem. With the ability to reach nearly 90% of the global population, we play a vital role in the worldwide IT sales channel, bringing products and services from technology manufacturers and cloud providers to a highly diversified base of business-to-business technology experts. Through Ingram Micro Xvantage™, our AI-powered digital platform, we offer what we believe to be the industry’s first comprehensive business-to-consumer-like experience, integrating hardware and cloud subscriptions, personalized recommendations, instant pricing, order tracking, and billing automation. We also provide a broad range of technology services, including financing, specialized marketing, and lifecycle management, as well as technical pre- and post-sales professional support. Learn more at www.ingrammicro.com.

Loading…

NEWS

Spacewell CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-8023

SUMMARY

Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM is enabled) that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-controlled request path into client-url_buffer (assembled in on_url() for HTTP/1 and copied verbatim from the :path pseudo-header for HTTP/2) without resolving ./.. segments. The static-FS handler then built the on-disk filename by directly concatenating the configured root with that raw URL (snprintk(fname, ..., "%s%s", static_fs_detail-fs_path, client-url_buffer) at http_server_http1.c:603 and http_server_http2.c:490) and opened it with fs_open(fname, FS_O_READ). Because the handler is reached via wildcard/leading-dir (fnmatch FNM_LEADING_DIR) or fallback resource matching, a request such as GET /<prefix/../../<file is dispatched to the handler and, after the underlying filesystem (e.g. LittleFS/FAT) resolves the .. segments, escapes the configured web root, letting an unauthenticated remote client read arbitrary readable files on the mounted volume (information disclosure). The HTTP server requires no TLS or authentication to reach this path. The fix adds http_server_remove_dot_segments(), which canonicalizes the path portion of the URL before resource lookup in both protocol handlers, neutralizing the traversal. Affects releases v4.0.0 through v4.4.0 for deployments that register a static-filesystem resource.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 7.5)

cvss3

Base Score: 7.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score

3.6

Exploitability

3.9

REFERENCES

CVE-2026-7656

SUMMARY

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was '((length/hop/source/target checks) && (icmp_hdr-code != 0))'. Because every legitimate ND message carries ICMPv6 code 0, an attacker setting code == 0 (the normal value) caused the entire predicate to evaluate false, so the packet was never dropped and all of the other checks were silently skipped. The bypassed checks include the mandatory Hop Limit == 255 verification (which proves an ND packet originated on-link and was not forwarded) and, for Router Advertisements, the requirement that the source be a link-local address, as well as multicast-target sanity checks. As a result, an adjacent on-link attacker — and, because the Hop-Limit-255 guard is bypassed, potentially a remote/off-link attacker whose packets would otherwise be rejected — can have forged Router Advertisement, Neighbor Solicitation, and Neighbor Advertisement messages accepted. A forged RA lets the attacker reconfigure the victim's default router, on-link prefixes (SLAAC), MTU, reachable/retransmit timers, and (with CONFIG_NET_IPV6_RA_RDNSS) DNS servers, while forged NS/NA enable neighbor-cache poisoning, enabling man-in-the-middle, traffic redirection, and denial of service. The flaw is an input-validation/authentication weakness rather than a memory-safety issue: the underlying packet-parsing primitives (net_pkt_get_data, net_pkt_read, net_pkt_skip) are independently bounds-safe and the validated 'length' is the true buffer length, so skipping the length check causes no out-of-bounds access. The defect has existed since the logic was introduced in 2018 and shipped in all releases through v4.4.0; it is fixed by splitting the condition so any failing check drops the packet.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 8.1)

cvss3

Base Score: 8.1

Complexity: LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Impact Score

5.2

Exploitability

2.8

REFERENCES

CVE-2026-51219

SUMMARY

A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

CVE-2026-51218

SUMMARY

A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

CVE-2026-10648

SUMMARY

mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before checking it for NULL. smp_packet_alloc() uses net_buf_alloc(K_NO_WAIT) against the shared MCUmgr packet pool (CONFIG_MCUMGR_TRANSPORT_NETBUF_COUNT, default 4), which returns NULL when the pool is exhausted. In default builds the __ASSERT_NO_MSG in net_buf_reset is a no-op, so net_buf_simple_reset writes through the NULL pointer (buf->len = 0; buf->data = buf->__buf), causing a fault/crash. The fragment data reaches this code from attacker-controlled bytes on the MCUmgr serial/UART/shell-console transports (smp_uart.c, smp_raw_uart.c, smp_shell.c), and a fresh buffer is allocated at the start of essentially every new packet. An attacker on the serial/console link can flood the transport to drive the 4-entry buffer pool to exhaustion and induce the NULL dereference, crashing the device (denial of service). The defect was introduced after the original MCUmgr rework and shipped in Zephyr v4.4.0. The fix moves the NULL check ahead of net_buf_reset.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 6.2)

cvss3

Base Score: 6.2

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score

3.6

Exploitability

2.5

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…