Benvenuti nella pagina ufficiale di Volkswagen Italia.
CAF is a global leader in comprehensive transportation systems, shaping the future of sustainable mobility. More and more cities worldwide choose us as their strategic partner to tackle the challenges of mobility and decarbonisation of transport. Continuous innovation is the cornerstone of our company, enabling us to develop advanced solutions that meet the evolving needs of our customers. This has positioned CAF at the forefront of sustainable mobility as a benchmark company in global accessible rail markets and as the European leader in the zero-emission urban bus segment. These achievements would not be possible without the dedication of our workforce: a 16,000-strong team across more than 60 countries who demonstrate a firm commitment to excellence and quality. They are the driving force behind our success and ability to innovate and lead in sustainable mobility. Together, we are building a greener and more efficient future, transforming the way we move the world, and making a positive contribution to the well-being of the planet and its people. We know it’s time to step forward. Note: This is the official LinkedIn account of CAF Group that integrates the different legal entities that operate under CAF brand.
Security & Compliance Standards Overview
No incidents recorded for Volkswagen Italia in 2025.
No incidents recorded for CAF (Construcciones y Auxiliar de Ferrocarriles) in 2025.
Volkswagen Italia cyber incidents detection timeline including parent company and subsidiaries
CAF (Construcciones y Auxiliar de Ferrocarriles) cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial of service attack via the URL query string.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
