Intrado 911 Emergency Gateway

Act Now10ICS-CERT ICSA-24-163-04Jun 11, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

SQL injection vulnerability in Intrado 911 Emergency Gateway affecting all versions. The gateway's database interface accepts malicious SQL commands without authentication, allowing remote attackers to execute code, steal call data including caller information and recordings, or modify emergency call routing logic and response parameters. Successful exploitation could disrupt emergency response operations or expose sensitive caller information to attackers.

What this means

What could happen

An attacker could execute arbitrary commands on your 911 Emergency Gateway, steal caller data, or alter emergency call routing and response information in the database. This directly threatens emergency response operations and public safety.

Who's at risk

Emergency call centers, public safety agencies, and emergency services providers who operate Intrado 911 Emergency Gateways. All versions are affected. The gateway handles critical infrastructure for emergency dispatch, making this a direct threat to public safety operations.

How it could be exploited

An attacker with network access to the 911 Emergency Gateway can send malicious SQL commands (SQL injection) to the gateway's database interface without any credentials. The gateway processes these commands with full database privileges, allowing the attacker to run code, extract sensitive data, or modify call records and routing decisions.

Prerequisites

Network access to the 911 Emergency Gateway (port/service not specified in advisory)
No authentication required

Remotely exploitableNo authentication requiredLow complexity attackCritical CVSS 10.0All versions vulnerableAffects safety systems (emergency dispatch)SQL injection (CWE-89)

Exploitability

Low exploit probability (EPSS 0.8%)

Affected products (1)

ProductAffected VersionsFix Status

911 Emergency Gateway (EGW): vers:all/*All versions5.5/5.6 branch or later

Remediation & Mitigation

0/5

Do now

0/4

HOTFIXContact Intrado technical support (1-888-908-4167 or E911Support@intrado.com) to obtain and apply the patch for firmware versions 5.5/5.6 branch

HARDENINGVerify your 911 Emergency Gateway is not directly accessible from the internet or untrusted networks; place behind a firewall with strict inbound access controls

HARDENINGIsolate the 911 Emergency Gateway network from your business/administrative network using network segmentation or air-gapping if possible

HARDENINGPerform a risk and impact assessment before deploying any mitigations to understand effects on emergency call handling and failover procedures

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGIf remote access to the gateway is required, implement a VPN with current patches and strong authentication; do not rely on VPN alone

CVEs (1)

CVE-2024-1839

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/50a7d38b-d7ac-400f-adc8-2a91ee327359