PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-6074 Raw CVE debrief

CVE-2026-6074 is a critical unauthenticated path traversal flaw in Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x. The vulnerable download_debuglog_file.php endpoint can be abused by manipulating the name parameter to read files outside the intended directory. CISA published the advisory on 2026-04-23, and Intrado states it released a software update on 2026-03-02 to address the issue.

Vendor: Raw
Product: Intrado Emergency Gateway 7.x 6.x 5.x
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-04-23
Original CVE updated: 2026-04-23
Advisory published: 2026-04-23
Advisory updated: 2026-04-23

Who should care

Organizations operating Intrado 911 Emergency Gateway appliances, especially teams responsible for emergency communications, OT/ICS-adjacent systems, and any environment exposing the EGW management or debug-download functionality.

Technical summary

The issue is a path traversal vulnerability in download_debuglog_file.php. Because the endpoint accepts an attacker-controlled name parameter and does not properly constrain file paths, an unauthenticated attacker can request files outside the debug log directory. The advisory assigns CVSS 3.1 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting that the flaw is network-reachable, requires no authentication, and can have severe confidentiality, integrity, and availability impact.

Defensive priority

Immediate. This is a remotely reachable, unauthenticated, critical vulnerability with vendor-provided remediation already available.

Recommended defensive actions

  • Apply the Intrado software update released on 2026-03-02 as soon as possible for affected EGW 5.x, 6.x, and 7.x systems.
  • Verify which Intrado Emergency Gateway instances are running affected versions and confirm they are included in patch planning.
  • Restrict access to the EGW interface and any debug or administrative functionality to trusted management networks only.
  • Review system and application logs for unusual requests to download_debuglog_file.php or unexpected file-access activity.
  • Follow CISA ICS recommended practices for defensive hardening and coordinated patching in industrial or emergency-communications environments.
  • Contact Intrado E911 Support at [email protected] if you need patching guidance or confirmation of remediation status.
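
For the log-review action above, one way to triage web access logs is sketched below. This is an added example, not code from CISA, Intrado, or this page. It assumes Common/Combined Log Format and that legitimate name values are bare file names; the URL path prefix, IP addresses, and log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: access logs are in Common/Combined Log Format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<target>\S+)[^"]*" (?P<status>\d{3})')
ENDPOINT = "download_debuglog_file.php"  # script named in the advisory
PARAM = "name"                           # parameter named in the advisory

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded values are normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(value):
    """Return why a name value is not a bare file name, or None if it is one."""
    n = fully_decode(value).replace("\\", "/")
    if "\x00" in n:
        return "null byte"
    if ".." in n.split("/"):
        return "parent-directory segment"
    return "path separator" if "/" in n else None

def scan(lines):
    """Flag requests to the endpoint whose name parameter looks like a path."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        url = urlsplit(m["target"]) if m else None
        if url is None or not fully_decode(url.path).lower().endswith("/" + ENDPOINT):
            continue
        for raw in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            reason = classify(raw)
            if reason:
                findings.append({"ip": m["ip"], "time": m["ts"], "status": m["status"],
                                 "name": fully_decode(raw), "reason": reason})
    return findings

# Constructed sample lines (documentation IP ranges, hypothetical URL prefix).
SAMPLE_LOG = [
    '198.51.100.7 - - [24/Apr/2026:03:12:44 +0000] "GET /download_debuglog_file.php?name=egw_debug.log HTTP/1.1" 200 5120',
    '203.0.113.50 - - [24/Apr/2026:03:13:02 +0000] "GET /download_debuglog_file.php?name=..%2F..%2Fetc%2Fhosts HTTP/1.1" 200 311',
    '203.0.113.50 - - [24/Apr/2026:03:13:05 +0000] "GET /download_debuglog_file.php?name=%252e%252e%252fconf%252fapp.ini HTTP/1.1" 404 0',
    '192.0.2.14 - - [24/Apr/2026:03:14:10 +0000] "GET /index.php?name=../x HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f["time"], f["ip"], f["status"], f["reason"], repr(f["name"]))
```

Flagged requests that returned status 200 are worth triaging first, since the response may have contained file contents.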

Evidence notes

All core claims come from the supplied CISA CSAF advisory data for ICSA-26-113-06 / CVE-2026-6074. The advisory states that Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x contain a path traversal vulnerability in download_debuglog_file.php, that an unauthenticated attacker can manipulate the name parameter to read arbitrary files outside the intended directory, and that Intrado released a software update on 2026-03-02. CISA published the advisory on 2026-04-23. No KEV listing is provided in the supplied corpus.

Official resources

Publicly disclosed by CISA on 2026-04-23. The advisory notes Intrado released a fixing software update on 2026-03-02.