SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking

Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP SSH.

Many devices could be exposed to complete takeover due to a critical vulnerability discovered recently in the Erlang/OTP SSH library.

Erlang/OTP is a collection of libraries, middleware and other tools designed for creating scalable soft real-time systems that require high availability, such as e-commerce, banking, and communications applications. 

A team of researchers from Ruhr University Bochum in Germany discovered that Erlang/OTP’s SSH implementation is affected by a critical vulnerability for which they calculated a CVSS score of 10.

Tracked as CVE-2025-32433, the flaw is related to the SSH protocol message handling, which “allows an attacker to send connection protocol messages prior to authentication”.

The researchers said all SSH servers that leverage the Erlang/OTP SSH library are likely to be impacted, and they drew attention to ones used for remote access.  

“The vulnerability allows an attacker to execute arbitrary code in the context of the SSH daemon. If your SSH daemon is running as root, the attacker has full access to your device. Consequently, this vulnerability may lead to full compromise of hosts, allowing for unauthorized access to and manipulation of sensitive data by third  parties, or denial-of-service attacks,” the researchers explained

CVE-2025-32433 has been patched with the release of OTP-27.3.3, OTP-26.2.5.11 and OTP-25.3.2.20. As a workaround, users can prevent potential attacks using firewall rules, the researchers said. 

Qualys researcher Mayuresh Dani told SecurityWeek that the vulnerability could allow a remote attacker to install ransomware or obtain sensitive data.

Advertisement. Scroll to continue reading.

“Erlang is frequently found installed on high-availability systems due to its robust and concurrent processing support. A majority of Cisco and Ericsson devices run Erlang. Any service using Erlang/OTP’s SSH library for remote access such as those used in OT/IoT devices, edge computing devices are susceptible to exploitation,” Dani warned.

Related: GNU C Library Vulnerability Leads to Full Root Access

Related: Critical Vulnerability Found in Apache Roller Blog Server

Related: Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Virtual Event: Threat Detection and Incident Response Summit
May 21, 2025

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Webinar: Cut Through the Noise: Why Context is a Secret Weapon in ASPM
May 29, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Shane Barney has been appointed CISO of password management and PAM solutions provider Keeper Security.

Edge Delta has appointed Joan Pepin as its Chief Information Security Officer.

Vats Srivatsan has been appointed interim CEO of WatchGuard after Prakash Panjwani stepped down.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.