CISA 2026-04-23

Intrado 911 Emergency Gateway (EGW)

CVE-2026-6074

Machine-generated analysis · WAYSCloud LLM

The vulnerability allows network-based attackers to bypass authentication on the Intrado 911 Emergency Gateway management interface. A CVSS 3.1 base score of 9.8 indicates high severity.

Context

Intrado 911 Emergency Gateway (EGW) is a platform used in emergency services infrastructure. The advisory describes a path traversal vulnerability (CWE-35) that permits unauthenticated access to the management interface. The vendor has released a software update for versions 5.x, 6.x, and 7.x to address this issue.

Operator considerations

Patch: Apply the software update released by Intrado on March 2nd, 2026.
Isolate: Restrict network access to the EGW management interface to trusted sources only.
Log: Monitor for unauthorized access attempts to the management interface.

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of this vulnerability could allow an attacker to read, modify, or delete files.

The following versions of Intrado 911 Emergency Gateway (EGW) are affected:

Emergency Gateway 7.x (CVE-2026-6074)

Emergency Gateway 6.x (CVE-2026-6074)

Emergency Gateway 5.x (CVE-2026-6074)

Vendor

Equipment

Intrado

Intrado 911 Emergency Gateway (EGW)

Path Traversal: '.../...//'

Critical Infrastructure Sectors: Emergency Services

Countries/Areas Deployed: Worldwide

Company Headquarters Location: United States

A path traversal condition in Intrado 911 Emergency Gateway could allow an attacker with existing network access the ability to access the EGW management interface without authentication. Successful exploitation of this vulnerability could allow a user to read, modify, or delete files.

Intrado 911 Emergency Gateway (EGW)

MitigationIntrado developed and released a ...

Read the full advisory on CISA →