Critical Path Traversal Vulnerability Disclosed in Intrado 911 Emergency Gateway
A critical path traversal vulnerability has been identified in multiple versions of the **Intrado 911 Emergency Gateway (EGW)**. Successful exploitation could allow unauthenticated attackers with network access to read, modify, or delete files on affected systems.
**CISA** has released an advisory detailing a critical vulnerability affecting the **Intrado 911 Emergency Gateway (EGW)**, a key component in emergency services infrastructure worldwide.
### Vulnerability Summary
The vulnerability, tracked as **CVE-2026-6074**, is a path traversal flaw that could allow an attacker to bypass authentication and gain unauthorized access to the EGW management interface. This could lead to the ability to read, modify, or delete sensitive files on the system. The vulnerability has a CVSS v3 score of 9.8, indicating its critical severity.
[View CSAF](https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-06.json)
### Affected Products
The following versions of **Intrado** EGW are affected:
* Emergency Gateway 7.x (**CVE-2026-6074**)
* Emergency Gateway 6.x (**CVE-2026-6074**)
* Emergency Gateway 5.x (**CVE-2026-6074**)
### Technical Details
The vulnerability stems from a path traversal condition in which `'.../...//'` sequences in a path let attackers navigate outside of the intended directory structure. This bypasses authentication mechanisms and grants access to the EGW management interface.
The relevant CWE (Common Weakness Enumeration) is [CWE-35 Path Traversal: '.../...//'](https://cwe.mitre.org/data/definitions/35.html).
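The CWE-35 weakness class named above, as an added generic example (not Intrado code and not from the CISA advisory): a filter that deletes `../` in one pass turns `.../...//` into `../`, while canonicalising first and then checking containment rejects the escape. The document root, function names and sample paths are assumptions; the page does not describe how the EGW processes paths.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

BASE = "/srv/app/public"  # hypothetical document root (assumption)


def naive_strip(path: str) -> str:
    """Flawed filter: deletes '../' in a single, non-recursive pass."""
    return path.replace("../", "")


def vulnerable_resolve(base: str, user_path: str) -> str:
    """'Before' pattern: trust the filtered string and join it to the base."""
    return posixpath.normpath(posixpath.join(base, naive_strip(user_path)))


def safe_resolve(base: str, user_path: str) -> Optional[str]:
    """Decode once, canonicalise, then require the result to stay under base.

    Returns None for any path that escapes. Real code serving files should
    use os.path.realpath so symlinks are resolved as well.
    """
    decoded = unquote(user_path)
    if "\x00" in decoded or "\\" in decoded:
        return None
    candidate = posixpath.normpath(posixpath.join(base, decoded.lstrip("/")))
    if candidate != base and not candidate.startswith(base + "/"):
        return None
    return candidate


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real system.
    for sample in ("docs/readme.txt", ".../...//admin/config", "%2e%2e/admin/config"):
        print(repr(sample),
              "| filtered:", repr(naive_strip(sample)),
              "| vulnerable:", vulnerable_resolve(BASE, sample),
              "| safe:", safe_resolve(BASE, sample))
```

The hardened function never edits the input string: `...` is treated as an ordinary directory name, and only the canonical result is compared against the base.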
### Impact
Successful exploitation of this vulnerability could have severe consequences, including:
* Unauthorized access to sensitive data
* Modification of critical system configurations
* Deletion of essential files, leading to disruption of emergency services
### Recommended Mitigation Measures
CISA recommends the following measures to mitigate the risk of exploitation:
* **Minimize network exposure:** Ensure that control system devices are not directly accessible from the internet.
* **Implement network segmentation:** Locate control system networks behind firewalls and isolate them from business networks.
* **Secure remote access:** Use secure methods such as VPNs for remote access, and ensure VPNs are updated to the latest versions.
* **Impact analysis and risk assessment:** Perform thorough impact analysis and risk assessment before deploying any defensive measures.
* **Implement cybersecurity strategies:** Proactively defend ICS assets by implementing recommended cybersecurity strategies.
CISA also advises users to be cautious of social engineering attacks and to avoid clicking on links or opening attachments in unsolicited emails. Organizations observing suspected malicious activity should follow internal procedures and report findings to CISA.
### Acknowledgements
CISA acknowledges that an anonymous source reported this vulnerability.
### References
* [CISA ICS Webpage](https://www.cisa.gov/ics)
* [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](https://www.cisa.gov/publication/ics-tip-12-146-01b-targeted-cyber-intrusion-detection-and-mitigation-strategies)
* [Recognizing and Avoiding Email Scams](https://www.cisa.gov/insights/recognizing-and-avoiding-email-scams)
* [Avoiding Social Engineering and Phishing Attacks](https://www.cisa.gov/insights/avoiding-social-engineering-and-phishing-attacks)