Security advisory: OSS vulnerability

Release date	27.01.2026
Reference	ESPPP-1340 ESPPP-1352
Criticality	CRITICAL
CVSS Score	9.8
Versions with the issue resolved	ProCall 8 Enterprise ≥ 8.9.3 ProCall Infinity 2603 UCConnect (updated 17 Feb 2026) ixi-Framework 8.0.3.1

Description

Security-critical error related to the underlying OpenSSL version (node.js) in UCWeb service

https://www.cve.org/CVERecord?id=CVE-2025-15467

OpenSSL: 12 Sicherheitslecks, eines erlaubt Schadcodeausführung und ist kritisch | heise online

Affected versions

This vulnerability affects all previously released versions of ProCall 8 Enterprise (all subversions) and ixi-Framework.

Versions with bug fixes

estos has already released updates that fix the vulnerability. Customers and partners can obtain the updates via the usual channels and follow the normal update process.

ProCall Infinity 2510.3 Released
ProCall 8 Enterprise ≥ 8.9.3 Released
UCConnect (Updated 17 Feb 2026)
ixi-Framework 8.0.3.1 Released

End-of-life

Please note the following: If you are using older estos product versions that are no longer supported (End-of-Life has been reached), we strongly recommend updating your software to the current versions for security reasons.
This is because security patches are only regularly developed and made available for current software versions.