CISA updates vulnerabilities and Nokia extends Telefónica RAN contract November 2025 - Week of December 1, 2025
Overview of Recent Activity
In the recent reporting period, the Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) Catalog with multiple newly identified flaws affecting products from vendors including Microsoft, Oracle, Fortinet, WatchGuard, Gladinet, and Motex. These vulnerabilities encompass authentication bypass, out-of-bounds write, race conditions, and buffer overflow issues with evidence of active exploitation. Industrial Control Systems (ICS) vendors such as Rockwell Automation, Siemens, Hitachi Energy, Schneider Electric, and Delta Electronics received advisories addressing security weaknesses. Network automation and management developments emerged through partnerships like Itential and Carahsoft. Telecommunications operators extended contracts for 5G infrastructure upgrades with Nokia, while Aviz detailed infrastructure shifts emphasizing Artificial Intelligence (AI) integration and software-first network observability. Market research highlighted projections for 5G network slicing growth, and cybersecurity evaluations updated ratings for Fortinet and Palo Alto Networks firewalls. Additionally, Finland adopted a telecom fraud mitigation solution by Elisa following regulatory measures. Upcoming industry events will focus on AI-powered networking automation and security.
Key Themes and Developments
Technology Releases & Product Enhancements
CISA issued advisories on multiple product vulnerabilities including Emerson Appleton UPSMON-PRO’s buffer overflow allowing remote code execution, and Automated Logic's WebCTRL Premium Server issues permitting open redirect and Cross-Site Scripting (XSS) attacks. Nokia secured a five-year extension with Telefónica Germany to modernize the Radio Access Network (RAN) with AirScale RAN and AI-enabled management platforms supporting 5G expansion. Aviz announced the appointment of Thomas Scheibe as Chief Product Officer to drive AI-driven networking product development.
Aviz proposed a software-centric network observability solution leveraging Data Plane Development Kit (DPDK) and reducing hardware dependence, aiming to enhance scalability and AI integration. The company also detailed integration of SONiC with IP Clos and Border Gateway Protocol (BGP) routing to optimize data center network operations with automated traffic assurance and Service Level Agreement (SLA) compliance.
Partnerships & Ecosystem Engagement
Itential formed a partnership with Carahsoft to deliver network automation and orchestration solutions to Public Sector agencies via established government contracts and reseller channels. This collaboration seeks to advance IT modernization and operational alignment through scalable API-driven automation for network and cloud infrastructure management.
Mplify announced speakers and program details for its upcoming Global Network as a Service (NaaS) event focusing on AI integration, automation, and security across a broad ecosystem of service providers, vendors, and enterprises including Bell Canada, Vodafone, Palo Alto Networks, AT&T, Verizon, and others. The event includes leadership forums, technical sessions, and ecosystem collaboration activities.
Infrastructure, Platform, or Deployment Updates
Ericsson’s November 2025 Mobility Report noted that 5G subscriptions have reached approximately one-third of mobile users worldwide, with network data traffic growing 20% over the past year. Network slicing deployments have moved beyond experimental phases, with 33 providers offering versions of the service. Standardization efforts for 6G RAN are underway, though core network development has not yet started.
In Finland, Elisa developed and deployed a telephony fraud mitigation solution that blocks caller ID spoofing and scam calls, receiving recognition from Europol and nomination for a European Crime Prevention Award. This nationwide implementation has substantially reduced fraudulent call volumes and associated financial losses.
Additional Updates from Other Organizations
CyberRatings.org updated enterprise firewall evaluation results for Fortinet FortiGate-200G and Palo Alto Networks PA-1410 after improvements addressing exploit evasion resistance. Both products now show elevated security effectiveness scores, enhancing their classifications among tested firewalls. Market share data indicated Ericsson, Huawei, and Nokia collectively hold over three-quarters of the network equipment market.
CISA issued thirteen advisories addressing industrial control system vulnerabilities affecting products from Rockwell Automation, Siemens, Hitachi Energy, Schneider Electric, and Delta Electronics, detailing specific risks, affected components, and remediation guidance. Six additional ICS advisories covered other products including Automated Logic WebCTRL and Emerson Appleton UPSMON-PRO, recommending review and mitigation measures for operational security.
Full Update Index
This intelligence brief summarizes developments from multiple sources published in November 2025, including CISA advisories, vendor announcements, market reports, partnerships, and event announcements relevant to enterprise IT infrastructure, networking, cybersecurity, AI integration, cloud platforms, and automation.
- CISA adds three KEV to catalog
CISA has updated its KEV Catalog with three new vulnerabilities under active exploitation, urging organizations to prioritize timely remediation to reduce cyberattack risks. The updates relate to vulnerabilities in WatchGuard Firebox, Gladinet Triofox, and Microsoft Windows.
- CISA issues alert on SiRcom SMART Alert authentication bypass vulnerability
SiRcom SMART Alert (SiSA) version 3.0.48 allows unauthenticated remote access to control emergency sirens via bypass of login.
- CISA adds five KEV to catalog
CISA has added five vulnerabilities with evidence of active exploitation to its KEV Catalog, urging federal agencies and organizations to prioritize remediation to reduce cyberattack exposure.
- Ericsson reports 5G subscriptions at one-third of mobile users in November 2025 mobility report
Ericsson Mobility Report shows 5G subscriptions at one-third of mobile subscriptions, with 20% data traffic growth between 2024 and 2025.
- Elisa develops Finnish solution blocking scam calls recognized by Europol
Finland blocked scam calls via Elisa's method, reducing losses and gaining Europol's recognition and EU award nomination.
- ABI Research projects 5G network slicing market to reach $67.52 billion by 2030
ABI Research projects global 5G network slicing market growth from $6.1B in 2025 to $67.52B by 2030 with Asia-Pacific leading.
- CISA adds one known exploited vulnerability to catalog
CISA adds CVE-2025-61932 for Motex LANSCOPE Endpoint Manager to its KEV Catalog, highlighting active exploitation risks.
- Nokia extends contract with Telefónica Germany to upgrade RAN through 2030
Nokia signed a 5-year contract extension with Telefónica Germany to modernize and upgrade its nationwide RAN through 2030. The deal features Nokia's Cloud RAN and AI-powered management solutions to support 5G network expansion and digitalization in Germany.
- Aviz Networks outlines AI integration and infrastructure shifts for 2025
Infrastructure changes in 2025 focus on compute, bandwidth, and AI integration affecting enterprise networks.
- CISA issues alert on Automated Logic WebCTRL premium server vulnerabilities
Automated Logic's WebCTRL Premium Server vulnerabilities allow redirection and script attacks; fixed in version 9.0 with mitigation advice.
- Itential partners with Carahsoft to provide network automation to the Public Sector
Itential and Carahsoft have partnered to provide network automation and orchestration solutions to the Public Sector through government contracts.
- CISA issues alert on Emerson Appleton UPSMON-PRO buffer overflow vulnerability
A stack-based buffer overflow in Emerson's Appleton UPSMON-PRO allows remote code execution via User Datagram Protocol (UDP) port 2601 in versions 2.6 and earlier.
- CISA releases thirteen advisories on industrial control systems vulnerabilities
CISA published thirteen advisories on October 16, 2025, regarding security issues and vulnerabilities in various Industrial Control Systems products from companies including Rockwell Automation, Siemens, Hitachi Energy, Schneider Electric, and Delta Electronics. Users and administrators are urged to review these advisories for mitigation guidance.
- Aviz announces Thomas Scheibe as chief product officer
Aviz appoints Thomas Scheibe as chief product officer to lead AI-driven networking product development.
- CISA updates advisory on Akira ransomware with new attack details
CISA updates Akira ransomware advisory outlining new attack methods and defensive patching recommendations.
- CISA adds one known exploited vulnerability to catalog
CISA has added CVE-2025-61757, a vulnerability in Oracle Fusion Middleware, to its KEV Catalog due to active exploitation.
- PrivacyHawk appoints Steve Blackford as chief marketing officer
PrivacyHawk appointed Steve Blackford as chief marketing officer to lead growth amid rising digital privacy concerns.
- Mplify reveals speakers for Global Network as a Service (NaaS) Event on AI-powered network automation and security
Mplify announced speakers for its Global NaaS Event focusing on AI, automation, and cybersecurity in November 2025.
- Aviz outlines limitations of incumbent network observability solutions and proposes software-first alternative
Network observability tools remain hardware-dependent and lack AI integration, limiting scalability and interoperability.
- CyberRatings.org updates ratings for Fortinet and Palo Alto Networks enterprise firewalls
CyberRatings.org updated firewall test results show Fortinet and Palo Alto Networks improved evasion resistance and security effectiveness.
- Aviz Networks details SONiC integration with IP Clos and BGP for data center network optimization
Data centers use IP Clos and BGP with SONiC and Aviz tools to enhance routing, maintenance, and SLA-backed reconvergence.
- CISA issues update to KEV Catalog including Fortinet flaw
CISA added CVE-2025-64446, a Fortinet FortiWeb path traversal flaw, to its KEV Catalog amid active exploitation.
- CISA adds two vulnerabilities to KEV catalog
CISA updates KEV Catalog with two new vulnerabilities affecting Adobe Commerce and Microsoft WSUS after active exploitation evidence.
- CISA issues alert on vulnerabilities in Zenitel TCIV-3+ devices
Zenitel's TCIV-3+ devices prior to version 9.3.3.0 have vulnerabilities including Operating System (OS) command injection, out-of-bounds write, and XSS. These issues could allow arbitrary code execution or Denial of Service (DoS). Mitigations include upgrading firmware and network security measures.
- CISA releases six advisories on industrial control systems vulnerabilities
CISA published six advisories on vulnerabilities in multiple Industrial Control Systems products, prompting review for mitigation.