External risk intelligence

Intrado 911 Gateway allows attackers to read sensitive files.

CVE advisorySeverity: CRITICAL (CVSS 9.3)

CVE-2026-6074

A critical flaw in the Intrado 911 Emergency Gateway lets anyone read sensitive files, potentially impacting emergency communications.

4Halo Surface Signal

Path Traversal

External exposure likelihood

Halo Surface Signal score for CVE-2026-6074

The product is an emergency gateway appliance, which acts as an edge device. The vulnerability affects a web-accessible management endpoint, which in common gateway deployments is network-reachable to facilitate administration or external connectivity, making it a likely candidate for exposure.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Horizon Alert

Summary of the vulnerability and why it matters

A critical flaw exists in the Intrado 911 Emergency Gateway allowing an attacker to potentially access sensitive system files. This issue requires immediate attention as it could compromise the integrity of critical emergency communication infrastructure.

  • Attackers can read arbitrary files.
  • Emergency communication systems are at risk.
  • This vulnerability is remotely exploitable.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker can exploit this flaw to read sensitive files from the server's filesystem. This could be achieved by sending a specially crafted request to the download\_debuglog\_file.php endpoint. The goal would be to gain unauthorized access to system information, configuration files, or potentially credentials stored on the Intrado 911 Emergency Gateway.

  • No authentication required.
  • Targets debug log download endpoint.
  • Reads arbitrary files.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability in the Intrado 911 Emergency Gateway's debug log download feature presents a serious risk. Attackers are likely to target this because it allows them to read arbitrary files on the system without authentication, potentially exposing sensitive data or gaining further system insight. The web-accessible nature of the endpoint on an emergency gateway makes it a prime target for external threats.

  • Unauthenticated arbitrary file read.
  • Critical severity, network-accessible endpoint.
  • No evidence of active exploitation currently.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize immediate mitigation for Intrado 911 EGW devices due to the critical path traversal vulnerability. Focus on blocking access to the `download_debuglog_file.php` endpoint and consider isolating affected devices if immediate patching is not feasible.

  • Block direct network access to the endpoint.
  • Isolate potentially affected systems from the network.
  • Monitor logs for unauthorized file access attempts.

Frequently asked questions

What is the Intrado 911 Emergency Gateway and its role in emergency communications?

The Intrado 911 Emergency Gateway (EGW) is a critical product for managing emergency communications. It functions by directing 911 calls and associated data, serving as essential infrastructure for emergency services.

What type of weakness does CVE-2026-6074 represent and how is it classified?

CVE-2026-6074 is a path traversal vulnerability, classified under CWE-35. This weakness allows an attacker to manipulate file path operations by providing specially crafted input to trick the software into accessing files or directories beyond its intended scope.

How can an unauthenticated attacker exploit the CVE-2026-6074 vulnerability within the Intrado 911 EGW?

An unauthenticated attacker can exploit this vulnerability by manipulating the 'name' parameter in the download_debuglog_file.php endpoint. This manipulation enables them to read arbitrary files from the server's filesystem, potentially accessing sensitive system information or configuration details.

What is the relevance of CVE-2026-6074 to emergency communication systems?

The relevance of CVE-2026-6074 to emergency communication systems is critical, as it affects the Intrado 911 Emergency Gateway. Exploitation could lead to unauthorized access to sensitive data within these vital communication infrastructures. Halo Surface Signal assesses this as 'Likely' to be exposed due to its function as an edge device with network-accessible management endpoints.

What practical steps should be taken to mitigate the CVE-2026-6074 vulnerability?

To mitigate CVE-2026-6074, prioritize blocking direct network access to the download_debuglog_file.php endpoint. If immediate patching is not possible, consider isolating affected Intrado 911 EGW devices from the network and diligently monitor logs for any signs of unauthorized file access attempts.

References

Sources and related resources

Primary sources: NVD, CVE.org.

NVDPublished Modified