High severity7.1NVD Advisory· Published Jun 24, 2025· Updated Apr 15, 2026

CVE-2025-27827

Description

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper handling of session data. A successful exploit requires user interaction and could allow an attacker to access sensitive information, leading to unauthorized access to active chat rooms, reading chat data, and sending messages during an active chat session.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.mitel.com/support/security-advisoriesnvd
www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0002-0nvd

News mentions

No linked articles in our index yet.

cvss	0.461
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000