# CVE-2019-19006

> Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control.

- **CVSS:** 9.8 (CRITICAL)
- **EPSS:** 21.6%
- **CISA KEV:** yes
- **CWE:** CWE-287

Canonical: https://intel.threadlinqs.com/cve/CVE-2019-19006
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp