CVE-2025-32433

Name of the Vulnerable Software and Affected Versions Erlang/OTP versions prior to OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20

Description A critical vulnerability in Erlang/OTP's SSH implementation allows unauthenticated remote code execution. This vulnerability is caused by a flaw in the SSH protocol message handling, which enables attackers to send messages before authentication and execute arbitrary commands without valid credentials. The vulnerability affects systems using the SSH library, which is widely deployed in high-availability environments, such as telecom and IoT systems.

Recommendations For Erlang/OTP versions prior to OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, update to the latest version (OTP-27.3.3, OTP-26.2.5.11, or OTP-25.3.2.20) to fix the vulnerability. As a temporary workaround, consider disabling the SSH server or restricting access to it via firewall rules to minimize the risk of exploitation.