Intrado 911 Gateway Path Traversal + AVEVA Pipeline Simulation Tampering: Public-Safety and OT Exposure Lead Today’s Risk

Intrado 911 Gateway Path Traversal + AVEVA Pipeline Simulation Tampering: Public-Safety and OT Exposure Lead Today’s Risk

Intrado 911 Emergency Gateway CVE-2026-6074: Emergency-Services Management Plane at Risk

Confidence: High

CISA ICS advisory ICSA-26-113-06 lists CVE-2026-6074, a path traversal vulnerability in Intrado 911 Emergency Gateway. Affected versions include Emergency Gateway 5.x, 6.x, and 7.x. CISA rates the issue CVSS 9.8.

The issue matters because EGW systems sit close to emergency-services operations. CISA says an attacker with network access to the management interface may be able to read, modify, or delete files without authentication. Even where exploitation requires access to a restricted network segment, exposed or poorly segmented management interfaces can turn this into a public-safety operational risk.

Action: Emergency-services, public-sector, and managed infrastructure teams should inventory Intrado EGW 5.x, 6.x, and 7.x deployments immediately. Restrict management-plane access, review logs for unexpected file access, and apply vendor remediation when confirmed.

AVEVA Pipeline Simulation CVE-2026-5387: OT Training Integrity Can Be Manipulated

Confidence: High

CISA ICS advisory ICSA-26-106-04 covers CVE-2026-5387 in AVEVA Pipeline Simulation versions up to and including 2025SP1build7.1.9497.6351. The flaw is a missing-authorization issue rated CVSS 9.1.

Successful exploitation can let an unauthenticated attacker modify simulation parameters, training configuration, and training records. This is not the same as direct pipeline control, but it is still operationally meaningful. Training simulator integrity shapes operator decisions during incidents. Tampered records or scenarios can weaken readiness, hide skill gaps, or create false confidence.

Action: OT and energy operators should identify AVEVA Pipeline Simulation deployments, confirm version status, isolate simulator management access, and follow AVEVA/CISA mitigation guidance.

Microsoft Power Apps CVE-2026-32172: Low-Code Platform Inventory Gap

Confidence: High

Microsoft’s MSRC feed lists CVE-2026-32172 as a Microsoft Power Apps remote code execution vulnerability published on 27 April. The official update-guide URL is available.

Power Platform estates are often less visible than server or endpoint fleets. Business units may run desktop clients, connectors, and dependencies outside normal vulnerability-management coverage. That makes this a practical inventory and patch-state problem as much as a CVE problem.

Action: Inventory Power Apps Desktop Client and related Power Platform dependencies, verify affected versions against Microsoft guidance, and apply the MSRC update path.

Ubuntu USN-8212-1 authd Privilege Escalation

Confidence: Medium

Canonical USN-8212-1 says authd incorrectly assigned primary group IDs under certain conditions. A local attacker could use this to escalate privileges or gain unauthorized access to files belonging to other users. The affected release called out is Ubuntu 26.04 LTS, with fixed package authd 0.6.1ubuntu0.1.

This is lower urgency than the Intrado and AVEVA findings because it is local rather than remotely exposed. It still matters for shared developer systems, bastions, and identity-integrated Linux hosts.

Action: Patch Ubuntu 26.04 LTS systems running authd, prioritising shared or privileged Linux environments.

Why This Matters

Today’s leading risks are operational rather than purely IT-centric.

1. Emergency-services infrastructure has little tolerance for management-plane exposure. Intrado EGW needs immediate inventory and access restriction.

2. OT training systems influence real incident response. AVEVA simulator tampering can undermine readiness even without direct process control.

3. SaaS and endpoint inventory gaps remain exploitable. Power Apps and Ubuntu authd both require disciplined asset coverage, not just patch availability.

• Recommended Actions
• Emergency-services/public-sector teams: Check for Intrado EGW 5.x/6.x/7.x, restrict management interfaces, and validate remediation status.
• OT/energy teams: Inventory AVEVA Pipeline Simulation, confirm whether versions are <=2025SP1build7.1.9497.6351, and isolate management access.
• Microsoft platform owners: Verify Power Apps Desktop Client and related dependencies against CVE-2026-32172 guidance.
• Linux fleet teams: Patch Ubuntu 26.04 LTS authd to 0.6.1ubuntu0.1 where present.
• SOC teams: Watch for unexpected management-plane access against emergency-services and OT simulation assets.

All findings grounded in a13e intelligence sweeps through 04:33 UTC 28 April 2026.