CISA adds vulnerabilities to KEV Catalog and market forecasts - Week of November 17, 2025

Recent updates across cybersecurity vulnerabilities, market trends in digital infrastructure, and leadership changes highlight critical developments for professionals in enterprise technology. CISA has added multiple vulnerabilities, including CVE-2025-21042 for Samsung mobile devices and CVE-2025-61932 for Motex LANSCOPE, to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing the importance of timely remediation. This brings attention to vulnerabilities impacting federal networks and urges organizations to prioritize their security measures. On the market front, the Dell’Oro Group forecasts that the Hybrid Mesh Firewall and Microsegmentation markets will exceed $26 billion by 2029, driven by the increasing adoption of zero-trust security protocols. Additionally, significant leadership appointments, such as Kristen Pressner at Nokia, signal ongoing efforts to enhance organizational cultures and operational performance in response to evolving industry demands.

1. CISA adds CVE-2025-21042 to KEV Catalog CISA emphasizes the need for timely remediation of vulnerabilities in its KEV Catalog, including the newly added CVE-2025-21042.
2. Dell’Oro Group Forecasts $26B Hybrid Mesh Firewall and Microsegmentation Market by 2029 Dell’Oro Group’s new report forecasts Hybrid Mesh Firewall and Microsegmentation markets to exceed $26B by 2029 as enterprises embrace zero-trust.
3. CORS and Domain Name System (DNS) Rebinding Vulnerability Reported A DNS rebinding attack combined with CORS manipulation can lead to unauthorized access to sensitive data across private networks.
4. CISA Adds One Known Exploited Vulnerability to Catalog CISA adds CVE-2025-61932 to its KEV Catalog, emphasizing need for remediation across federal networks.
5. CISA adds CVE-2025-61932 to KEV Catalog CISA includes CVE-2025-61932 in its KEV Catalog due to evidence of ongoing exploitation.
6. Humanix launches Artificial Intelligence (AI) solution to combat social engineering attacks Humanix has launched a solution to combat social engineering attacks using AI trained on human psychology. The company aims to provide real-time detection and response capabilities for these attacks, which have become the leading breach vector for organizations worldwide.
7. HAProxy Technologies Launches HAProxy Unified Gateway to Simplify Kubernetes Traffic Management HAProxy Technologies has launched the public beta of the HAProxy Unified Gateway, an open-source solution for Kubernetes traffic management. It integrates both the Gateway Application Programming Interface (API) and Ingress standards, offering features such as flexible protocol support and Role-Based Access Control (RBAC) for improved operational management.
8. Cloudera and Finextra report reveals challenges in AI adoption for financial services Cloudera and Finextra Research report that 97% of financial firms face data silos hampering AI implementation strategies.
9. CISA Adds Three Vulnerabilities to KEV Catalog CISA has included three new vulnerabilities in its KEV Catalog due to active exploitation evidence.
10. VU#974249: Sunshine for Windows vulnerabilities identified Sunshine for Windows contains two security issues allowing local attackers to execute arbitrary code and escalate privileges.
11. Advantech partners with Rohde & Schwarz to deliver Wi-Fi compliant and deployment-ready industrial 802.11be (Wi-Fi 7) modules Advantech collaborates with Rohde & Schwarz to develop a validation framework for industrial Wi-Fi 7 modules. This partnership aims at accelerating compliance processes and enhancing performance reliability in demanding applications such as medical imaging and robotics.
12. Huawei partners on AI solution for dolphin protection Huawei and partners reported progress on an AI solution for conserving Chinese white dolphins, identifying 13 individuals with high accuracy.
13. MLCommons Releases MLPerf Training v5.1 Results MLCommons announces MLPerf Training v5.1 results, showing improved performance in Generative AI (GenAI) scenarios with increased system diversity.
14. CloudBees’ first DevOps Migration Index finds big-bang platform migrations drain budgets and stall innovation, without delivering the expected ROI. CloudBees' DevOps Migration Index reveals average migration costs of $315K due to overruns and inefficiencies for enterprises.
15. Itential discusses AI's integration into automation processes. Itential discusses the integration of AI into automation processes, emphasizing a hybrid model that maintains control and compliance.
16. CISA Issues 18 Advisories on Industrial Control Systems Vulnerabilities CISA has issued 18 advisories on vulnerabilities in Industrial Control Systems, including those from Mitsubishi Electric and Siemens.
17. 79% of manufacturing executives recognize circularity's value, yet only 20% have effective supply chains 79% of manufacturing executives see circularity as vital, yet only 20% have built effective circular supply chains.
18. Delta Electronics earns Frost & Sullivan's 2025 Europe Company of the Year award for integrated energy solutions. Delta Electronics expanded its market presence, focusing on renewable energy and Electric Vehicle (EV) infrastructure in Europe.
19. Avast launches AI-powered Scam Guardian for mobile Avast launched Scam Guardian and Scam Guardian Pro for AI-enhanced scam protection on mobile devices in France and Germany.
20. Delta Electronics addresses CNCSoft-G2 vulnerability CISA assists Delta Electronics in reporting a serious vulnerability in CNCSoft-G2 that could allow arbitrary code execution.
21. ONES and NVIDIA Spectrum-X deliver AI fabric orchestration NVIDIA Spectrum-X and ONES together streamline design and deployment processes for AI workloads.
22. Nokia appoints Kristen Pressner as Chief People Officer Kristen Pressner, formerly at Roche, will enhance Nokia's culture and performance as Chief People Officer from May 1, 2026.
23. Deep Packet Inspection through User Defined Filtering (UDF) with Aviz OPB A recent blog post discusses the value of Deep Packet Inspection for enterprises, emphasizing its precision in monitoring network traffic.
24. Mplify announces speaker lineup for Global Network as a Service (NaaS) Event Executives from leading companies will share insights on Network as a Service (NaaS) and AI-driven strategies at Mplify's event in Dallas.
25. Vonage Launches Fraud Prevention Network APIs Across Major U.S. Carriers Vonage has launched its fraud prevention Network APIs across major U.S. carriers, designed for enterprises and developers to enhance security.