The Sangoma FreePBX Security Team warns about an actively exploited zero-day vulnerability affecting systems with exposed Administrator Control Panels. Users are advised to apply urgent security patches and restrict access to prevent breaches. #FreePBX #ZeroDayVulnerability
Keypoints
- The vulnerability has been exploited since August 21, impacting FreePBX systems with exposed admin panels.
- Sangoma is releasing a fix through an EDGE module, with a standard update scheduled soon.
- Many servers have been compromised, affecting thousands of SIP extensions and trunks.
- Indicators of compromise include modified configuration files, suspicious scripts, and unusual call logs.
- Administrators should restrict access, apply updates promptly, and review call records for signs of abuse.