Critical Path Traversal Vulnerability CVE-2026-6074 in Intrado 911 Emergency Gateway Exposes Emergency Services to High-Risk Exploitation

# Critical Path Traversal Vulnerability CVE-2026-6074 in Intrado 911 Emergency Gateway Exposes Emergency Services to High-Risk Exploitation

What happened

On April 23, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) publicly disclosed a critical vulnerability identified as CVE-2026-6074 in the Intrado 911 Emergency Gateway (EGW) product line. This vulnerability is a path traversal flaw that allows an attacker with existing network access to bypass authentication controls on the EGW management interface. Successful exploitation enables unauthorized reading, modification, or deletion of files on the affected system.

This vulnerability impacts Intrado Emergency Gateway versions 5.x, 6.x, and 7.x, which are widely deployed in emergency services infrastructure globally. The vulnerability carries a CVSS v3.1 base score of 9.8, indicating a critical severity level with potential for complete compromise of the affected system.

Confirmed facts

• Vulnerability Type: Path traversal (CWE-35) allowing directory traversal via specially crafted requests.
• Affected Products: Intrado Emergency Gateway versions 5.x, 6.x, and 7.x.
• Impact: Unauthenticated attackers with network access can access the management interface, read, modify, or delete files.
• CVSS Score: 9.8 (Critical)
• Vendor Response: Intrado released a software patch on March 2, 2026, addressing this vulnerability and has been coordinating with customers to apply updates.
• Disclosure: Reported anonymously to CISA, with no known active public exploitation detected as of April 2026.
• Mitigation Recommendations: Minimize network exposure, isolate control systems behind firewalls, use VPNs for remote access, and apply vendor patches immediately.

Who is affected

The Intrado 911 Emergency Gateway is a critical component in emergency communications infrastructure, routing 911 calls and related data to public safety answering points (PSAPs). Organizations operating versions 5.x through 7.x of this software worldwide are at risk, including:

• Public safety agencies and emergency response centers.
• Telecommunication providers supporting emergency services.
• Critical infrastructure entities relying on EGW for emergency call routing.

Given the broad deployment of Intrado EGW in emergency services, the vulnerability poses a significant risk to public safety operations, potentially disrupting emergency call handling and compromising sensitive emergency data.

What to do now

1. Immediate Patch Application: Organizations must prioritize deploying the Intrado patch released on March 2, 2026. Contact Intrado E911 Support at [email protected] for assistance.
2. Network Segmentation: Ensure EGW devices are isolated from the internet and business networks. Restrict access to trusted internal networks only.
3. Access Controls: Implement strict firewall rules and limit network access to EGW management interfaces.
4. Monitor for Suspicious Activity: Audit logs and network traffic for unauthorized access attempts targeting EGW devices.
5. Incident Response: Have a response plan ready to address potential exploitation, including notifying CISA and relevant authorities.

How to secure yourself

• Verify Software Versions: Confirm your Intrado EGW version and upgrade to the patched release.
• Use VPNs with Caution: If remote access is necessary, use updated VPNs with multi-factor authentication.
• Implement Defense-in-Depth: Combine network segmentation, endpoint security, and continuous monitoring.
• Educate Staff: Train personnel to recognize phishing and social engineering attempts that could be used to gain network access.
• Regular Audits: Conduct periodic security assessments of emergency communication systems.

2026 update

Throughout 2026, Intrado and CISA have increased collaboration to enhance the security posture of emergency communication systems. The March 2 patch for CVE-2026-6074 was part of a broader initiative to address legacy vulnerabilities in critical infrastructure software. CISA has also updated its Industrial Control Systems (ICS) security guidelines to emphasize proactive defense strategies, including network isolation and zero-trust principles for emergency services.

Additionally, CISA's 2026 advisories encourage organizations to adopt continuous monitoring solutions and integrate threat intelligence feeds to detect emerging threats targeting emergency infrastructure.

FAQ

What is CVE-2026-6074?

It is a critical path traversal vulnerability in Intrado 911 Emergency Gateway versions 5.x through 7.x that allows unauthenticated attackers to access and manipulate files via the management interface.

How can attackers exploit this vulnerability?

By sending specially crafted network requests exploiting directory traversal sequences, attackers can bypass authentication and access sensitive files.

Am I affected if I use Intrado EGW version 7.x?

Yes, versions 5.x, 6.x, and 7.x are all confirmed vulnerable.

Has this vulnerability been exploited in the wild?

As of April 2026, no public reports of active exploitation have been confirmed, but the risk remains high.

What should emergency service providers do immediately?

Apply the official patch from Intrado released on March 2, 2026, restrict network access to EGW devices, and monitor for suspicious activity.

Can VPNs fully protect against this vulnerability?

VPNs help secure remote access but are not a substitute for patching and network segmentation.

How does this vulnerability impact emergency call handling?

Compromise of the EGW could disrupt call routing, expose sensitive data, or allow attackers to manipulate emergency communications.

Where can I get support for patching?

Contact Intrado E911 Support at [email protected].

What are best practices to prevent similar vulnerabilities?

Implement defense-in-depth, maintain up-to-date software, segment networks, and train staff on cybersecurity awareness.

Why this matters

The Intrado 911 Emergency Gateway is a cornerstone of emergency response infrastructure, ensuring that 911 calls reach dispatchers reliably and securely. A critical vulnerability like CVE-2026-6074 threatens the integrity and availability of emergency communications, potentially endangering lives by disrupting timely response.

Given the high severity and ease of exploitation without authentication, this vulnerability underscores the urgent need for rigorous cybersecurity practices in public safety technology. The incident highlights the broader risks facing critical infrastructure software, where vulnerabilities can have cascading impacts on national security and public welfare.

Sources and corroboration

This article synthesizes information from the official CISA ICS Advisory ICSA-26-113-06 published on April 23, 2026, and Intrado vendor communications, including the March 2, 2026 patch release notes. Additional guidance and mitigation strategies are drawn from CISA’s ICS security best practice documents and technical information papers available at cisa.gov/ics.

• https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-06
• Intrado E911 Support communications
• CISA ICS-TIP-12-146-01B—Targeted Cyber Intrusion Detection and Mitigation Strategies

---

By consolidating these authoritative sources, this article provides a comprehensive and actionable overview for organizations to understand, mitigate, and secure their emergency communication systems against this critical threat in 2026.