PT-2025-16905 · Ericsson · Erlang/Otp
Lambdafu +1
Published 2025-04-16 · Updated 2026-06-22
CVE-2025-32433
CVSS v3.1: 10.0 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Erlang/OTP versions prior to OTP-27.3.3
Erlang/OTP versions prior to OTP-26.2.5.11
Erlang/OTP versions prior to OTP-25.3.2.20
Description
A critical flaw in the SSH server implementation shipped with the Erlang/OTP ssh application allows unauthenticated remote code execution (RCE). The issue stems from incorrect handling of SSH protocol messages: the server does not enforce that the authentication stage has completed before it processes SSH connection-protocol messages, so SSH_MSG_CHANNEL_OPEN and SSH_MSG_CHANNEL_REQUEST messages (including "exec" requests) are accepted and acted on prematurely. A remote attacker who can reach the SSH port can therefore send crafted SSH packets that execute arbitrary commands without valid credentials. The command runs with the privileges of the Erlang VM process hosting the daemon; if that process runs as root, the attacker gains full control of the host. Approximately 600,000 IP addresses are estimated to be running Erlang/OTP, with significant risk to telecom infrastructure, databases, and high-availability systems. Real-world exploitation has been observed, particularly against operational technology (OT) networks, with some attacks focusing on the healthcare, agriculture, media, and high-tech sectors in the US, Canada, Brazil, India, and Australia. Attackers have been seen deploying reverse shells to maintain unauthorized remote access.
Recommendations
Update to version OTP-27.3.3 or newer.
Update to version OTP-26.2.5.11 or newer.
Update to version OTP-25.3.2.20 or newer.
As a temporary workaround, stop the Erlang ssh daemon (the server provided by the OTP ssh application, not the system OpenSSH service, which is unaffected) or restrict access to its listening port with firewall rules so that only trusted management hosts can reach it.
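The message-ordering flaw described above, as an added illustration that is not code from Erlang/OTP: it encodes the two RFC 4254 messages the description names (SSH_MSG_CHANNEL_OPEN for a session channel and an "exec" SSH_MSG_CHANNEL_REQUEST) and feeds them to a toy server state machine (ToySshServer, a hypothetical name) first without the authentication gate, which is the flawed behaviour, and then with it. Transport-layer framing, key exchange, encryption and the real userauth exchange are left out (a single password string stands in for userauth); only the dispatch decision that matters for this CVE is modelled.

```python
"""Toy model of the pre-authentication message handling behind CVE-2025-32433.

Added example, not OTP's ssh application. The wire formats follow RFC 4251
(string encoding) and RFC 4254 (connection protocol).
"""
import struct

# Message numbers from RFC 4252 (user auth) and RFC 4254 (connection protocol)
SSH_MSG_USERAUTH_REQUEST = 50
SSH_MSG_CHANNEL_OPEN = 90
SSH_MSG_CHANNEL_REQUEST = 98


def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def read_string(buf: bytes, off: int):
    """Decode an RFC 4251 string at offset off; return (value, next offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n


def channel_open_session(sender_channel: int = 0, window: int = 1 << 20,
                         max_packet: int = 1 << 14) -> bytes:
    """SSH_MSG_CHANNEL_OPEN for a 'session' channel (RFC 4254 section 6.1)."""
    return (bytes([SSH_MSG_CHANNEL_OPEN]) + ssh_string(b"session")
            + struct.pack(">III", sender_channel, window, max_packet))


def channel_request_exec(recipient_channel: int, command: bytes,
                         want_reply: bool = True) -> bytes:
    """SSH_MSG_CHANNEL_REQUEST of type 'exec' (RFC 4254 section 6.5)."""
    return (bytes([SSH_MSG_CHANNEL_REQUEST]) + struct.pack(">I", recipient_channel)
            + ssh_string(b"exec") + bytes([int(want_reply)]) + ssh_string(command))


class ToySshServer:
    """Minimal connection-state model (hypothetical, not ssh_connection_handler).

    gate_on_auth=False reproduces the flaw: connection-protocol messages are
    dispatched whether or not authentication has completed.
    gate_on_auth=True is the patched ordering: such messages before
    authentication terminate the connection.
    """

    def __init__(self, gate_on_auth: bool, password: bytes = b"correct horse"):
        self.gate_on_auth = gate_on_auth
        self._password = password          # stand-in for the real userauth methods
        self.authenticated = False
        self.channels = set()              # toy: server reuses the client's channel id
        self.executed = []                 # commands the server would have run
        self.disconnected = False

    def handle(self, msg: bytes) -> str:
        if self.disconnected:
            return "ignored"
        code = msg[0]
        if code == SSH_MSG_USERAUTH_REQUEST:
            pw, _ = read_string(msg, 1)    # toy auth: message carries only the password
            self.authenticated = pw == self._password
            return "auth-ok" if self.authenticated else "auth-fail"
        if code in (SSH_MSG_CHANNEL_OPEN, SSH_MSG_CHANNEL_REQUEST):
            # The security-relevant check: connection-protocol messages are only
            # legal once the authentication stage has succeeded.
            if self.gate_on_auth and not self.authenticated:
                self.disconnected = True
                return "disconnect"
            if code == SSH_MSG_CHANNEL_OPEN:
                _ctype, off = read_string(msg, 1)
                (sender,) = struct.unpack_from(">I", msg, off)
                self.channels.add(sender)
                return "channel-open-ok"
            (chan,) = struct.unpack_from(">I", msg, 1)
            rtype, off = read_string(msg, 5)
            off += 1                       # skip the want_reply boolean
            if chan in self.channels and rtype == b"exec":
                cmd, _ = read_string(msg, off)
                self.executed.append(cmd)  # a real server would spawn this command
                return "exec"
            return "channel-failure"
        return "unknown"


def preauth_exec_attempt(gate_on_auth: bool):
    """Send CHANNEL_OPEN + exec without ever authenticating; return (log, executed)."""
    srv = ToySshServer(gate_on_auth=gate_on_auth)
    log = [srv.handle(channel_open_session(sender_channel=0)),
           srv.handle(channel_request_exec(0, b"id"))]
    return log, srv.executed


def authenticated_exec(gate_on_auth: bool):
    """The legitimate sequence: userauth first, then the same two messages."""
    srv = ToySshServer(gate_on_auth=gate_on_auth)
    log = [srv.handle(bytes([SSH_MSG_USERAUTH_REQUEST]) + ssh_string(b"correct horse")),
           srv.handle(channel_open_session(sender_channel=0)),
           srv.handle(channel_request_exec(0, b"id"))]
    return log, srv.executed
```

Running preauth_exec_attempt(False) shows the flawed server opening the channel and recording the command with no credentials ever presented, while preauth_exec_attempt(True) shows the patched ordering dropping the connection at the first connection-protocol message; authenticated_exec(True) confirms the gate does not break the normal post-authentication path. On a live host the equivalent observation is an "exec" running under the Erlang VM's user before any userauth success was logged.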
Tags: Exploit · Fix · DoS · LPE · RCE · Missing Authentication
Affected Products
Alt Linux
Astra Linux
Debian
Erlang/Otp
Linuxmint
Red Os
Suse
Ubuntu
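A version triage helper for the fixed releases listed under Recommendations, added here as an example (not part of the advisory or of Erlang/OTP). It parses the upstream version string as found in an OTP_VERSION file or a "OTP-x.y.z" tag and reports whether it falls below the fixed release of its branch; the treatment of branches newer than 27 as fixed is an assumption, since the page lists no such branch.

```python
"""Classify Erlang/OTP version strings against the fixed releases in this advisory.

Added example, not part of the advisory or of OTP.
"""
import re

# Earliest fixed release per branch, exactly as listed in the advisory
FIXED = {
    27: (27, 3, 3),
    26: (26, 2, 5, 11),
    25: (25, 3, 2, 20),
}
NEWEST_FIXED_BRANCH = max(FIXED)


def parse_otp_version(text: str) -> tuple:
    """Accept '27.3.2', 'OTP-26.2.5.10' or the contents of an OTP_VERSION file."""
    m = re.fullmatch(r"(?:OTP-)?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"not an OTP version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable(text: str) -> bool:
    """True if the upstream version is older than the fixed release of its branch."""
    v = parse_otp_version(text)
    major = v[0]
    if major > NEWEST_FIXED_BRANCH:
        # Assumption: branches newer than 27 are not 'prior to OTP-27.3.3'
        return False
    if major not in FIXED:
        # 24.x and older are 'prior to OTP-25.3.2.20' and have no fixed release listed
        return True
    # Tuple comparison: a shorter prefix such as (27, 3) sorts below (27, 3, 3)
    return v < FIXED[major]


def triage(versions) -> dict:
    """Map each version string to 'vulnerable' or 'fixed' for a batch of hosts."""
    return {s: ("vulnerable" if is_vulnerable(s) else "fixed") for s in versions}
```

Two caveats when feeding this real data. erlang:system_info(otp_release) returns only the major branch (for example "26"), so read the full patch level from the OTP_VERSION file under the release directory (releases/<major>/OTP_VERSION beneath code:root_dir()) instead. And the distribution packages listed under Affected Products may backport the fix without moving to the upstream version number, so a "vulnerable" verdict from the upstream string alone is an upper bound: confirm against the distribution's own advisory before treating such a host as unpatched.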