InfoSecBulletin Cybersecurity for mankind
A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run code without authentication under specific conditions. The vulnerability CVE-2025-32433 has a maximum CVSS score of 10.0.
“The vulnerability allows an attacker with network access to an Erlang/OTP SSH server to execute arbitrary code without prior authentication,” Ruhr University Bochum researchers Fabian Bäumer, Marcus Brinkmann, Marcel Maehren, and Jörg Schwenk said.
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
The issue arises from mishandled SSH protocol messages, allowing attackers to send messages before authentication. This vulnerability could lead to arbitrary code execution within the SSH daemon.
If the daemon process runs as root, it increases the risk by giving attackers full control of the device, allowing unauthorized access to sensitive data or potential denial-of-service (DoS) attacks.
Users running an SSH server with the Erlang/OTP SSH library may be affected by CVE-2025-32433. It’s advised to update to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. As a temporary measure, use firewall rules to block access to vulnerable SSH servers.
In a statement Mayuresh Dani, manager of security research at Qualys, described the vulnerability as extremely critical and that it can allow a threat actor to perform actions such as installing ransomware or siphoning off sensitive data.
“Erlang is frequently found installed on high-availability systems due to its robust and concurrent processing support,” Dani said. “A majority of Cisco and Ericsson devices run Erlang.”
“Any service using Erlang/OTP’s SSH library for remote access such as those used in OT/IoT devices, edge computing devices are susceptible to exploitation. Upgrading to the fixed Erlang/OTP or vendor-supported versions will remediate the vulnerability. Should organizations need more time to install upgrades, they should restrict SSH port access to authorized users alone.”
