Brandon
Well-Known Member
Received the below email. Use trunks from SwitchTel on self hosted, fully updated, patched and firewalled FreePBX system.
Outbound calls now blocked and must manually unblock.
All my clients with a similar setup also received it and been blocked from dialing out.
Thanks for ruining my Friday evening
TLDR version:
We have chosen this opportunity of the emergence of (yet another) high scoring CVE to let you know you are using a free opensource pbx that we disapprove the use of (oops, we use Asterisk - but ignore that), so we decided to block your outbound calls for your own "safety".
Oh, we didn't bother to check the version you are actually using, or even consider that your pbx may not even be open to the internet - but this was a fantastic opportunity to punt our "secure" (expensive) cloud solutions.
So buy our more expensive solutions and stop using the cheaper basic services.
Yours faithfully
Switch Telecom - Customer Care Team
Outbound calls now blocked and must manually unblock.
All my clients with a similar setup also received it and been blocked from dialing out.
Thanks for ruining my Friday evening
Dear Sir/Madam
Active FreePBX Zero-Day Exploit
Switch Telecom has become aware of a serious security vulnerability in FreePBX switchboard software.
We are contacting you because we have identified that you have registered your Switch Telecom service to a FreePBX system and are, accordingly, at risk.
It is our experience that, where such vulnerabilities are made public, fraudsters rapidly seek to abuse the situation.
Switch Telecom does not make use of FreePBX in its own systems and our systems remain secure. Notwithstanding that, we note that you have opted to install your own FreePBX system. Your FreePBX system was neither provided by nor is it maintained by Switch Telecom. As such, Switch Telecom shall not be responsible for any losses that you may incur as a result of your FreePBX system being vulnerable to fraud.
We are taking immediate measures to bar all outgoing calls on your service. This will prevent calls from being made and, notwithstanding the disruption this may pose to you, it is an essential precaution to prevent incurring exorbitant costs should your FreePBX system be hacked and exploited by fraudsters.
We are including below information on how to update and secure your FreePBX system. Once you have updated it, you can remove call barring by logging into the Switch Telecom Client Zone, selecting Services -> Service Management, clicking on the applicable line/trunk service, clicking Call Barring, selecting "Allow outbound calling" and clicking Update. We strongly recommend also selecting "Prohibit international calling" out of an abundance of precaution even after you have updated your FreePBX system.
Please do NOT remove your call barring before you have secured your FreePBX system, even in respect of national calls, and even if you feel that this is essential in order to continue operating your business. To the extent that you do so and your system is abused by fraudsters, you may become liable for thousands of Rands in calls costs and run the risk that other telephone networks may block your phone number. It can then take up to three weeks to get your number removed from various blacklists.
Updating FreePBX
The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the public internet.
The vulnerability, assigned the CVE identifier CVE-2025-57819, carries a CVSS score of 10.0, indicating maximum severity.
More information is available at: https://thehackernews.com/2025/08/freepbx-servers-targeted-by-zero-day.html
In the event that your FreePBX system becomes compromised before you update it, it is recommended to erase it entirely and re-install the latest version afresh, as well as to arrange with Switch Telecom to reset the SIP passwords for all Switch Telecom service credentials that were saved on the compromised system.
Assistance from Switch Telecom
Switch Telecom is reachble on 087 550 0000 during office hours. Our technical support team do not usually work on weekends or after hours, however, should you require assistance specifically with respect to this matter, please email us at [email protected] and we will endevour to arrange for a standby engineer to assist you.
Please note that, since we did not provide your FreePBX system and do not manage, we cannot simply fix this issue for you and your first call should be to whomever maintains your FreePBX switchboard. Our support team will assist with call barring and other matters pertaining to your Switch Telecom service.
Alternatives
Should you not be able to update and secure your FreePBX system, an alternative is to discontinue the use of it and replace it with a Switch Telecom Hosted Switchboard solution.
For more information on the Hosted Switchboard offering, please visit: https://www.switchtel.co.za/hosted-switchboard-pbx-solution/
--
Yours faithfully
Switch Telecom - Customer Care Team
T +27 87 550 0000
W www.switchtel.co.za
TLDR version:
We have chosen this opportunity of the emergence of (yet another) high scoring CVE to let you know you are using a free opensource pbx that we disapprove the use of (oops, we use Asterisk - but ignore that), so we decided to block your outbound calls for your own "safety".
Oh, we didn't bother to check the version you are actually using, or even consider that your pbx may not even be open to the internet - but this was a fantastic opportunity to punt our "secure" (expensive) cloud solutions.
So buy our more expensive solutions and stop using the cheaper basic services.
Yours faithfully
Switch Telecom - Customer Care Team