Erlang/Open Telecom Platform (OTP) has a significant security flaw in its SSH implementation, designated as CVE-2025-32433. This flaw permits remote code execution (RCE) by enabling malicious actors to execute code without authentication due to improper handling of SSH protocol messages. If exploited, especially in environments where the SSH daemon runs as root, attackers could gain full control, risking sensitive data and system integrity. Experts emphasize the criticality of this vulnerability, urging immediate action to patch systems and conduct thorough forensic investigations to prevent breaches and manage risks effectively.
Remote code execution (RCE) vulnerabilities require immediate attention from corporate security teams. Not only should every system that uses this software be patched, but forensics should also be conducted on those systems to determine whether they were compromised, so that the remaining software risk can be managed.
The issue stems from improper handling of SSH protocol messages that essentially permit an attacker to send connection protocol messages prior to authentication. Successful exploitation could result in arbitrary code execution in the context of the SSH daemon.
CVE-2025-32433 in Erlang/OTP's SSH implementation is extremely critical, warranting a CVSSv3 score of 10.0. Due to improper handling of pre-authentication SSH protocol messages, a remote threat actor can bypass security checks to execute code on a system.
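The check whose absence the page describes, modelled as an added example in Python rather than as Erlang/OTP's own code: an SSH server must refuse to dispatch any connection-protocol message (RFC 4251 message numbers 80 to 127, which cover global requests and channel open/request) until its own authentication handler has marked the connection as authenticated. The message numbers are the standard RFC 4253/4252/4254 values; the event sequences are constructed, not captured traffic.

```python
# Added example (not Erlang/OTP code): a minimal model of the pre-authentication
# gate an SSH server must place in front of its message dispatcher.
SSH_MSG_SERVICE_REQUEST = 5
SSH_MSG_KEXINIT = 20
SSH_MSG_NEWKEYS = 21
SSH_MSG_USERAUTH_REQUEST = 50
SSH_MSG_CHANNEL_OPEN = 90
SSH_MSG_CHANNEL_REQUEST = 98
CONNECTION_RANGE = range(80, 128)  # RFC 4251 s.7: global requests 80-89, channels 90-127


class PreAuthGate:
    """Tracks whether the peer is authenticated and gates received messages."""

    def __init__(self):
        self.authenticated = False

    def mark_authenticated(self):
        # Called only by the server's own userauth handler after it verified
        # credentials; this transition never comes from a peer message.
        self.authenticated = True

    def dispatch(self, msg_type):
        """Return True if a received message may reach its protocol handler."""
        if msg_type in CONNECTION_RANGE and not self.authenticated:
            # The missing check the page describes: connection-protocol
            # messages arriving before authentication are dropped, not executed.
            return False
        return True


def run_session(events):
    """Feed constructed events through the gate; return rejected message types.

    An event is an int (a received message type) or the string "AUTH_OK"
    (the server's authentication handler succeeded for this connection).
    """
    gate = PreAuthGate()
    rejected = []
    for ev in events:
        if ev == "AUTH_OK":
            gate.mark_authenticated()
        elif not gate.dispatch(ev):
            rejected.append(ev)
    return rejected


# Constructed sequences: channel messages before authentication versus after it.
HANDSHAKE = [SSH_MSG_KEXINIT, SSH_MSG_NEWKEYS, SSH_MSG_SERVICE_REQUEST]
EARLY_CHANNEL = HANDSHAKE + [SSH_MSG_CHANNEL_OPEN, SSH_MSG_CHANNEL_REQUEST]
NORMAL = HANDSHAKE + [SSH_MSG_USERAUTH_REQUEST, "AUTH_OK",
                      SSH_MSG_CHANNEL_OPEN, SSH_MSG_CHANNEL_REQUEST]
```

`run_session(EARLY_CHANNEL)` returns `[90, 98]` (both channel messages dropped), while `run_session(NORMAL)` returns `[]` because the same messages arrive only after the server has authenticated the peer.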
If the SSH daemon runs with root privileges, which is common in many deployments, the threat actor will gain complete control over the exploited host. This can allow the threat actor to perform actions such as installing ransomware or siphoning off sensitive data.