Erlang/OTP SSH RCE Vulnerability Actively Exploited to Target OT Networks
Posted: Tue Aug 12, 2025 4:40 am
A severe vulnerability, designated CVE-2025-32433 with a CVSS score of 10.0, has been identified in the Secure Shell (SSH) daemon of the Erlang programming languageās Open Telecom Platform (OTP).
This flaw permits unauthenticated remote code execution (RCE) by allowing attackers to send SSH connection protocol messages with codes greater than or equal to 80 to open SSH ports, which are intended to be processed only after successful authentication.
https://gbhackers.com/erlang-otp-ssh-rc ... exploited/
This flaw permits unauthenticated remote code execution (RCE) by allowing attackers to send SSH connection protocol messages with codes greater than or equal to 80 to open SSH ports, which are intended to be processed only after successful authentication.
https://gbhackers.com/erlang-otp-ssh-rc ... exploited/