Daily Intelligence Brief: Nokia, LMT 5G Defense Solution and CISA Advisory Updates - November 7, 2025

Nokia and Latvijas Mobilais Telefons (Latency Measurement Tool (LMT)) established an agreement to develop a 5G tactical communications solution for the Baltic defense segment. This initiative aims to enhance secure connectivity for military operations, specifically catering to the needs of regional defense activities.

The partnership integrates Nokia’s 5G radio technology with Latency Measurement Tool (LMT)’s defense capabilities to establish a resilient communication framework. This system will facilitate real-time data sharing among unmanned systems, sensors, and military personnel, improving situational awareness and interoperability in military operations.

LMT operates the first 5G military testbed at Ādaži base for NATO, which strengthens defense capabilities along the eastern flank. Juris Binde, President of LMT, stated this partnership bolsters security and resilience of allied forces. Nokia's Giuseppe Targia noted the 5G capabilities enhance military operations by allowing faster decision-making and improved tactical communications.

In another development, CISA announced updates to its Known Exploited Vulnerabilities (KEV) Catalog, adding vulnerabilities including CVE-2025-24893 and CVE-2025-41244 linked to active exploitation risks. These updates underscore the ongoing threat landscape and the importance of timely remediation efforts across various sectors.

Additionally, CISA advised users of vulnerabilities in the EcoStruxure products by Schneider Electric, classifying the risk level as high. Organizations utilizing these systems are urged to implement recommended cybersecurity measures to mitigate potential threats.

Furthermore, advisories targeting vulnerabilities in Delta Electronics' CNCSoft-G2 and Radiometrics' VizAir have been distributed, emphasizing the necessity for organizations to apply updates to address these security flaws and enhance protection from potential cyber threats.

1. Nokia and LMT form agreement for Baltic defense solution
   LMT operates Europe's first 5G military testbed at the Ādaži base, enhancing defense capabilities for NATO operations.
2. Nokia and LMT finalize agreement for tactical defense solution in Baltics
   Nokia and LMT partnered to develop a 5G tactical communications solution for the Baltic defense market.
3. VU#517845: Authenticated Simple Mail Transfer Protocol (SMTP) users can spoof identities via ambiguous From header
   Attention to email security is crucial as attackers utilize header spoofing, impacting user trust and sender verification.
4. Microsoft issues update for critical Windows Server Update Service vulnerability, CVE-2025-59287
   CISA added CVE-2025-59287 to its KEV Catalog, highlighting its potential security threat.
5. Schneider Electric identifies EcoStruxure vulnerability
   Schneider Electric reports a vulnerability in EcoStruxure products, scoring 8.2, impacting resource allocation and service availability.
6. CISA releases three Industrial Control Systems advisories
   CISA issued three ICS Advisories on vulnerabilities in Schneider Electric and Vertikal Systems products, providing security details.
7. Vertikal Systems identifies vulnerabilities in Hospital Manager services
   CISA recommends users secure networks against vulnerabilities in Vertikal Systems' Hospital Manager Backend Services effective September 19, 2025.
8. CISA adds two Dassault Systèmes vulnerabilities to catalog
   CISA updates its KEV Catalog with two Dassault Systèmes DELMIA Apriso vulnerabilities linked to active exploitation.
9. CISA Issues Advisories on Industrial Control Systems
   CISA has issued advisories on Industrial Control Systems addressing security vulnerabilities in ISO 15118-2 and Hitachi Energy TropOS.
10. Hitachi Energy warns of TropOS vulnerabilities
    CISA advises on defensive measures against vulnerabilities in Hitachi Energy's TropOS wireless devices.
11. CISA adds CVE-2025-24893 and CVE-2025-41244 to catalog
    CISA adds CVE-2025-24893 and CVE-2025-41244 to its KEV Catalog, citing active exploitation risks.
12. Vulnerability in ISO 15118-2 Affects Electric Vehicle (EV) Chargers
    A vulnerability in ISO 15118-2 related to EV chargers carries a Common Vulnerability Scoring System (CVSS) score of 7.2, highlighting risks in transportation.
13. CISA and NSA Release Guidance for Exchange Server Security
    CISA advises decommissioning outdated Exchange servers to mitigate risks and enhance cybersecurity measures.
14. CISA adds two vulnerabilities to the KEV Catalog
    CISA continues to update its KEV Catalog, urging all organizations to prioritize remediation of active vulnerabilities.
15. Survision License Plate Recognition Camera vulnerability
    CISA warns that a vulnerability in Survision's LPR Camera could lead to unauthorized access; users should implement security measures.
16. IDIS reports Intent Classification Module (ICM) Viewer vulnerability allowing code execution
    CISA warns users of ICM Viewer (v1.6.0.10) to address a vulnerability that allows arbitrary code execution. Immediate action needed.
17. Fuji Electric Monitouch V-SFT-6 Security Risks
    CISA alerts users on stack and heap overflows in Fuji Electric’s Monitouch V-SFT-6; cybersecurity measures recommended.
18. CISA publishes five advisories on Industrial Control Systems
    CISA issues five advisories on Industrial Control Systems, detailing vulnerabilities in products from Fuji Electric and Delta Electronics.
19. Delta Electronics issues CNCSoft-G2 advisory
    A vulnerability in Delta Electronics' CNCSoft-G2 could allow arbitrary code execution. Users are urged to update to 2.1.0.34.
20. Radiometrics reports VizAir vulnerabilities affecting airport operations
    CISA cautions about vulnerabilities in Radiometrics VizAir, urging users to adopt security measures following software updates.