Comparison Overview

STMicroelectronics

VS

TSMC

STMicroelectronics

39, Chemin du Champ des Filles, C. P. 21, Geneva, Switzerland, CH, CH 1228 Plan-Les-Ouates
Last Update: 2025-12-12
View Profile
Between 750 and 799
https://www.st.com?src=linkedin

ST is a global semiconductor leader delivering intelligent and energy-efficient products and solutions that power the electronics at the heart of everyday life. ST’s products are found everywhere today, and together with our customers, we are enabling smarter driving and smarter factories, cities and homes, along with the next generation of mobile and Internet of Things devices. By getting more from technology to get more from life, ST stands for life.augmented.

NAICS: 3344
NAICS Definition: Semiconductor and Other Electronic Component Manufacturing
Employees: 27,754
Subsidiaries: 2
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

TSMC

8, Li-Hsin Rd. 6, Hsinchu Science Park, Hsinchu, Taiwan, TW, 300
Last Update: 2025-12-09
Between 800 and 849
http://www.tsmc.com

Established in 1987, TSMC is the world's first dedicated semiconductor foundry. As the founder and a leader of the Dedicated IC Foundry segment, TSMC has built its reputation by offering advanced and "More-than-Moore"​ wafer production processes and unparalleled manufacturing efficiency. From its inception, TSMC has consistently offered the foundry segment's leading technologies and TSMC COMPATIBLE® design services. TSMC has consistently experienced strong growth by building solid partnerships with its customers, large and small. IC suppliers from around the world trust TSMC with their manufacturing needs, thanks to its unique integration of cutting-edge process technologies, pioneering design services, manufacturing productivity and product quality. The company's total managed capacity reached above 9 million 12-inch equivalent wafers in 2015. TSMC operates three advanced 12-inch wafer fabs, four eight-inch wafer fabs, one six-inch wafer fab (fab 2) and two backend fabs (advanced backend fab 1 and 2). TSMC also manages two eight-inch fabs at wholly owned subsidiaries: WaferTech in the United States and TSMC China Company Limited. TSMC also obtains eight-inch wafer capacity from other companies in which the Company has an equity interest. TSMC is listed on the Taiwan Stock Exchange (TWSE) under ticker number 2330, and its American Depositary Shares trade on the New York Stock Exchange (NYSE) under the symbol "TSM"​.

NAICS: 3344
NAICS Definition: Semiconductor and Other Electronic Component Manufacturing
Employees: 23,998
Subsidiaries: 0
12-month incidents
1
Known data breaches
2
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/stmicroelectronics.jpeg
STMicroelectronics
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/tsmc.jpeg
TSMC
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
STMicroelectronics
100%
Compliance Rate
0/4 Standards Verified
TSMC
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Semiconductor Manufacturing Industry Average (This Year)

No incidents recorded for STMicroelectronics in 2025.

Incidents vs Semiconductor Manufacturing Industry Average (This Year)

TSMC has 25.0% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — STMicroelectronics (X = Date, Y = Severity)

STMicroelectronics cyber incidents detection timeline including parent company and subsidiaries

Incident History — TSMC (X = Date, Y = Severity)

TSMC cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/stmicroelectronics.jpeg
STMicroelectronics
Incidents

No Incident

https://images.rankiteo.com/companyimages/tsmc.jpeg
TSMC
Incidents

Date Detected: 8/2025
Type:Breach
Attack Vector: Insider Access
Motivation: Financial Gain, Corporate Espionage
Blog: Blog

Date Detected: 07/2023
Type:Breach
Motivation: Financial gain
Blog: Blog

Date Detected: 05/2023
Type:Data Leak
Attack Vector: Darkweb Leak
Blog: Blog

FAQ

TSMC company demonstrates a stronger AI Cybersecurity Score compared to STMicroelectronics company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

TSMC company has historically faced a number of disclosed cyber incidents, whereas STMicroelectronics company has not reported any.

In the current year, TSMC company has reported more cyber incidents than STMicroelectronics company.

Neither TSMC company nor STMicroelectronics company has reported experiencing a ransomware attack publicly.

TSMC company has disclosed at least one data breach, while STMicroelectronics company has not reported such incidents publicly.

Neither TSMC company nor STMicroelectronics company has reported experiencing targeted cyberattacks publicly.

Neither STMicroelectronics company nor TSMC company has reported experiencing or disclosing vulnerabilities publicly.

Neither STMicroelectronics nor TSMC holds any compliance certifications.

Neither company holds any compliance certifications.

STMicroelectronics company has more subsidiaries worldwide compared to TSMC company.

STMicroelectronics company employs more people globally than TSMC company, reflecting its scale as a Semiconductor Manufacturing.

Neither STMicroelectronics nor TSMC holds SOC 2 Type 1 certification.

Neither STMicroelectronics nor TSMC holds SOC 2 Type 2 certification.

Neither STMicroelectronics nor TSMC holds ISO 27001 certification.

Neither STMicroelectronics nor TSMC holds PCI DSS certification.

Neither STMicroelectronics nor TSMC holds HIPAA certification.

Neither STMicroelectronics nor TSMC holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References