Comparison Overview

Q: Between Telcel company and Orange company, which one has the best AI Cybersecurity Score ?

Telcel company demonstrates a stronger AI Cybersecurity Score compared to Orange company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between Telcel company and Orange company, which one has experienced more cyber incidents in the past ?

Orange company has historically faced a number of disclosed cyber incidents, whereas Telcel company has not reported any.

Q: Between Telcel company and Orange company, which one has experienced more cyber incidents this year ?

In the current year, Orange company has reported more cyber incidents than Telcel company.

Q: Between Telcel company and Orange company, which one has experienced at least one ransomware attack ?

Orange company has confirmed experiencing a ransomware attack, while Telcel company has not reported such incidents publicly.

Q: Between Telcel company and Orange company, which one has experienced at least one data breach ?

Orange company has disclosed at least one data breach, while Telcel company has not reported such incidents publicly.

Q: Between Telcel company and Orange company, which one has experienced at least one targeted cyberattack ?

Orange company has reported targeted cyberattacks, while Telcel company has not reported such incidents publicly.

Q: Between Telcel company and Orange company, which one has experienced at least one vulnerability ?

Neither Telcel company nor Orange company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between Telcel company and Orange company, which one holds the most compliance certifications ?

Neither Telcel nor Orange holds any compliance certifications.

Q: Between Telcel company and Orange company, which one has the most subsidiaries ?

Orange company has more subsidiaries worldwide compared to Telcel company.

Telcel

Lago Zurich, Granada, Distrito Federal, 11520, MX

Last Update: 2025-12-09

View Profile

Between 750 and 799

http://www.telcel.com

Telcel (Radiomóvil Dipsa) es subsidiaria de América Móvil, uno de los mayores proveedores de comunicaciones celulares de Latinoamérica, grupo líder con inversiones en telecomunicaciones en varios países del continente americano. Telcel es la empresa de telefonía celular líder en México. Nuestra solidez y estructura nos consolidan gracias a la especialización y actualización permanente de todas las personas que trabajamos en ella. Todos nosotros estamos comprometidos a satisfacer de manera eficaz y constante todas las necesidades de comunicación inalámbrica de nuestros clientes.

NAICS: 517

NAICS Definition: Telecommunications

Employees: 15,551

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

Orange

111, Quai du Président Roosevelt, None, Issy-les-Moulineaux, Île-de-France, FR, 92130

Last Update: 2025-12-11

Between 0 and 549

https://www.orange.com

Orange is one of the world’s leading telecommunications operators with revenues of 40.3 billion euros in 2024 and 127,000 employees worldwide at 31 December 2024, including 71,000 employees in France. The Group has a total customer base of 291 million customers worldwide at 31 December 2024, including 253 million mobile customers and 22 million fixed broadband customers. The Group is present in 26 countries. Orange is also a leading provider of global IT and telecommunication services to multinational companies under the brand Orange Business. In February 2023, the Group presented its strategic plan « Lead the future », built on a new business model and guided by responsibility and efficiency. « Lead the future » capitalizes on network excellence to reinforce Orange's leadership in service quality.

NAICS: 517

NAICS Definition: Telecommunications

Employees: 132,461

Subsidiaries: 26

12-month incidents

3

Known data breaches

3

Attack type number

3

Telcel

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Orange

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Telecommunications Industry Average (This Year)

No incidents recorded for Telcel in 2025.

Incidents vs Telecommunications Industry Average (This Year)

Orange has 294.74% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — Telcel (X = Date, Y = Severity)

Telcel cyber incidents detection timeline including parent company and subsidiaries

Incident History — Orange (X = Date, Y = Severity)

Orange cyber incidents detection timeline including parent company and subsidiaries

Telcel

Incidents

No Incident

Orange

Incidents

Date Detected: 9/2025

Type:Cyber Attack

Attack Vector: Exploitation de données personnelles volées, Ingénierie sociale, SIM swapping

Motivation: Fraude financière, Vol d'identité, Accès non autorisé à des comptes en ligne

Blog: Blog

Date Detected: 8/2025

Type:Cyber Attack

Blog: Blog

Date Detected: 7/2025

Type:Ransomware

Attack Vector: ransomware (Warlock), system compromise

Motivation: financial gain, data theft

Blog: Blog

Telcel company demonstrates a stronger AI Cybersecurity Score compared to Orange company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Orange company has historically faced a number of disclosed cyber incidents, whereas Telcel company has not reported any.

In the current year, Orange company has reported more cyber incidents than Telcel company.

Orange company has confirmed experiencing a ransomware attack, while Telcel company has not reported such incidents publicly.

Orange company has disclosed at least one data breach, while Telcel company has not reported such incidents publicly.

Orange company has reported targeted cyberattacks, while Telcel company has not reported such incidents publicly.

Neither Telcel company nor Orange company has reported experiencing or disclosing vulnerabilities publicly.

Neither Telcel nor Orange holds any compliance certifications.

Neither company holds any compliance certifications.

Orange company has more subsidiaries worldwide compared to Telcel company.

Orange company employs more people globally than Telcel company, reflecting its scale as a Telecommunications.

Neither Telcel nor Orange holds SOC 2 Type 1 certification.

Neither Telcel nor Orange holds SOC 2 Type 2 certification.

Neither Telcel nor Orange holds ISO 27001 certification.

Neither Telcel nor Orange holds PCI DSS certification.

Neither Telcel nor Orange holds HIPAA certification.

Neither Telcel nor Orange holds GDPR certification.

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 8.1

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

References

https://docs.nxlog.co/agent/current/release-notes.html#nxlog-agent-6-11

Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 2.9

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

References

Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss2

Base: 5.0

Severity: LOW

AV:N/AC:L/Au:N/C:N/I:P/A:N

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 4.5

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L

References

https://github.com/mjmlio/mjml/issues/3018

Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 5.8

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Telcel

VS

Orange

Telcel

Orange

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Telecommunications Industry Average (This Year)

Incidents vs Telecommunications Industry Average (This Year)

Incident History — Telcel (X = Date, Y = Severity)

Incident History — Orange (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Telcel

VS

Orange

Telcel

Orange

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Telecommunications Industry Average (This Year)

Incidents vs Telecommunications Industry Average (This Year)

Incident History — Telcel (X = Date, Y = Severity)

Incident History — Orange (X = Date, Y = Severity)

Notable Incidents

No Incident

🔒 Incident : Cyber Attack ORA814090225

🔒 Incident : Cyber Attack ORA1764727825

🔒 Incident : Ransomware ORA751082525

FAQ

Between Telcel company and Orange company, which one has the best AI Cybersecurity Score ?

Between Telcel company and Orange company, which one has experienced more cyber incidents in the past ?

Between Telcel company and Orange company, which one has experienced more cyber incidents this year ?

Between Telcel company and Orange company, which one has experienced at least one ransomware attack ?

Between Telcel company and Orange company, which one has experienced at least one data breach ?

Between Telcel company and Orange company, which one has experienced at least one targeted cyberattack ?

Between Telcel company and Orange company, which one has experienced at least one vulnerability ?

Between Telcel company and Orange company, which one holds the most compliance certifications ?

Between Telcel company and Orange company, which one holds the fewest compliance certifications ?

Between Telcel company and Orange company, which one has the most subsidiaries ?

Between Telcel company and Orange company, which one has the largest number of employees ?

Between Telcel and Orange, which company holds both SOC 2 Type 1 certifications ?

Between Telcel and Orange, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Telcel or Orange ?

Which company is PCI DSS compliant — Telcel or Orange ?

Between Telcel and Orange, which company complies with HIPAA regulations for healthcare data ?

Between Telcel and Orange, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information