PT-2019-15749 · Sangoma · Asterisk+1

Published: 2019-11-21 · Updated: 2026-05-21 · CVE-2019-19006

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Sangoma FreePBX versions 15.0.16.26 and below
Sangoma FreePBX versions 14.0.13.11 and below
Sangoma FreePBX versions 13.0.197.13 and below

Description

The issue is an Incorrect Access Control flaw in Sangoma FreePBX that attackers have exploited to gain administrator rights on targeted systems. Over the last 12 months, more than 1200 organizations using Asterisk with the Sangoma PBX interface have been attacked: the attackers scan for servers that have not been updated and use the vulnerability to take control of the system. The compromised systems are then used to place calls to premium rate numbers (PRN), from which the attackers profit illegally. The compromised VoIP systems could also be used for other malicious activities, such as making fraudulent calls or spoofing numbers. The attacks have primarily targeted organizations in the USA and Europe, but 13 companies in Russia have also been affected.

Recommendations

For Sangoma FreePBX versions 15.0.16.26 and below, update to a version above 15.0.16.26 to resolve the issue.
For Sangoma FreePBX versions 14.0.13.11 and below, update to a version above 14.0.13.11 to resolve the issue.
For Sangoma FreePBX versions 13.0.197.13 and below, update to a version above 13.0.197.13 to resolve the issue.

As a temporary workaround, consider restricting access to the Sangoma FreePBX administrative interface to minimize the risk of exploitation.

Exploit

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2026-02556
CVE-2019-19006

Affected Products

Asterisk
Sangoma FreePBX