⚠ Actively exploited
Added to CISA KEV on 2025-06-09. Federal agencies required to patch by 2025-06-30. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CVE-2025-32433

Severity: 10.0 CRITICAL
EPSS: 53.6% (top 2.01%)
CISA KEV: listed, added 2025-06-09, due 2025-06-30
Exploit: PoC available (public exploit / PoC exists)
Timeline:
  Published: Apr 16
  KEV added: Jun 9
  KEV due: Jun 30
  Latest update: Aug 27

Description

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary w

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 6.0

Affected Packages (13 packages)

Source    | Package             | Affected versions
CVEListV5 | erlang/otp          | < OTP-25.3.2.20 (+2 more)
NVD       | erlang/erlang\/otp  | 26.0 to 26.2.5.11 (+2 more)
Debian    | erlang              | < 1:23.2.6+dfsg-1+deb11u2 (+3 more)
NVD       | cisco/staros        | < 2025.03
NVD       | cisco/smart_phy     | < 25.2

Also affects: Debian Linux 11.0

Patches

🔴 Vulnerability Details (3)

OSV: CVE-2025-32433: Erlang/OTP is a set of libraries for the Erlang programming language (2025-04-16)
CVEList: Erlang/OTP SSH Vulnerable to Pre-Authentication RCE (2025-04-16)
VulnCheck: Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability (2025)

💥 Exploits & PoCs (2)

Metasploit: Erlang OTP Pre-Auth RCE Scanner and Exploit
Nuclei: Erlang/OTP SSH - Remote Code Execution

🔍 Detection Rules (4)

Suricata: ET INFO Potentially Vulnerable Cisco ConfD SSH Server Banner (CVE-2025-32433) (2025-04-23)
Suricata: ET EXPLOIT SSH Erlang/OTP SSH Server Unencryped Channel Request (Message Type 98) (CVE-2025-32433) (2025-04-22)
Suricata: ET INFO Potentially Vulnerable Erlang/OTP SSH Server Banner (CVE-2025-32433) (2025-04-22)
Suricata: ET EXPLOIT SSH Client Key Exchange Init Cookie Null (2025-04-22)

📋 Vendor Advisories (7)

Ubuntu: Erlang vulnerability (2025-07-17)
CISA: Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability (2025-06-09)
Ubuntu: Erlang vulnerability (2025-04-23)
Cisco: Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server: April 2025 (2025-04-22)
Ubuntu: Erlang vulnerability (2025-04-17)

🕵️ Threat Intelligence (6)

Securelist: Exploits and vulnerabilities in Q2 2025 (2025-08-27)
Unit42: Keys to the Kingdom: Erlang/OTP SSH Vulnerability Analysis and Exploits Observed in the Wild (2025-08-11)
Wiz: Crying Out Cloud Newsletter - May 2025 | Wiz (2025-05-01)
Bleepingcomputer: Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (2025-04-19)
CVE-2025-32433 (CRITICAL CVSS 10) | Erlang/OTP is a set of libraries fo | cvebase.io