CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

June 24, 2025

CVE ID : CVE-2025-27827

Published : June 24, 2025, 2:15 p.m. | 23 minutes ago

Description : A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper handling of session data. A successful exploit requires user interaction and could allow an attacker to access sensitive information, leading to unauthorized access to active chat rooms, reading chat data, and sending messages during an active chat session.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27828 – Mitel MiContact Center Business Reflected Cross-Site Scripting Vulnerability

Next Article CVE-2025-6566 – Oatpp Oat++ JSON DeserializeArray Stack-Based Buffer Overflow Vulnerability

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

The Lenovo Legion Go 2 gets its first release date tease, which could be accurate — but treat with the biggest pinch of salt

Denmark will stick with Windows — government still plans to ditch Microsoft Office

OneDrive user locked out of “30 years worth of photos and work” without any support — calls Microsoft a “Kafkaesque black hole”

Best PHP Project for Final Year Students: Learn, Build, and get Successful with PHPGurukul

Best PHP Project for Final Year Students: Learn, Build, and get Successful with PHPGurukul

Community News: Latest PECL Releases (06.24.2025)

JSON module scripts are now Baseline Newly Available

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

The Lenovo Legion Go 2 gets its first release date tease, which could be accurate — but treat with the biggest pinch of salt

Denmark will stick with Windows — government still plans to ditch Microsoft Office

CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

Multiple vulnerabilities in Sitecore CMS | Kaspersky official blog

Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack

SAP NetWeaver 0-day Vulnerability Exploited in the Wild to Deploy Webshells

zsh-autoenv automatically sources .autoenv.zsh files

CVE-2025-6502 – Code-projects Inventory Management System SQL Injection Critical Vulnerability

CVE-2025-46397 – “Fig2Dev Bezier Spline Code Execution Vulnerability”

Elder Scrolls Oblivion remaster surges to the number one spot on Steam, over 100,000 players have entered the gates of Oblivion

Cisco fixes max severity IOS XE flaw letting attackers hijack devices

How IPv4 Works – A Handbook for Developers

AlphaPlot generates 2D and 3D plots

CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

Related Posts