Researchers warn of critical flaw found in Erlang OTP SSH
Dive Brief:
- Security researchers on Monday warned of a critical vulnerability in the Erlang Open Telecom Platform SSH implementation, which could allow an unauthenticated attacker with network access to execute arbitrary code.
- The vulnerability, tracked as CVE-2025-32433, has been assigned a CVSS score of 10. If an SSH daemon is running as root, then an attacker has full access to a device, researchers from Ruhr University Bochum said in a post on Openwall.
- This level of access could allow third parties to manipulate sensitive data or launch denial-of-service attacks.
Dive Insight:
This particular vulnerability is considered very high risk because it requires no authentication, is easy to exploit and affects software that is widely used across a variety of platforms, according to researchers at Horizon3.ai.
Users are urged to upgrade to the latest versions. As a temporary workaround, users can disable the SSH server.
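The two actions above (confirm the patch level, and disable the SSH server until an upgrade is possible) can be checked from inside the Erlang node itself. The module below is an added example written for this page; it is not code from the article, from Horizon3.ai or from the Erlang/OTP project. It assumes a standard OTP install layout (the `releases/<Rel>/OTP_VERSION` file under `code:root_dir()`), and the fixed version numbers it should be compared against are not given in the article, so consult the OTP advisory for those.

```erlang
%% otp_ssh_check.erl -- added example, not from the article or the OTP project.
%% Reports the full OTP patch version and whether the `ssh` application
%% (the component affected by CVE-2025-32433) is running in this node,
%% and offers the temporary workaround the article mentions: stopping it.
-module(otp_ssh_check).
-export([otp_version/0, ssh_running/0, report/0, disable_ssh/0]).

%% Full version string (e.g. "26.2.5") read from releases/<Rel>/OTP_VERSION.
%% erlang:system_info(otp_release) alone returns only the major release,
%% which is not precise enough to tell a patched build from an unpatched one.
otp_version() ->
    Rel = erlang:system_info(otp_release),
    Path = filename:join([code:root_dir(), "releases", Rel, "OTP_VERSION"]),
    case file:read_file(Path) of
        {ok, Bin} -> string:trim(binary_to_list(Bin));
        {error, _} -> Rel ++ " (patch level unknown)"
    end.

%% True when the ssh application has been started in this node.
ssh_running() ->
    lists:keymember(ssh, 1, application:which_applications()).

%% Print both facts so an operator can compare the version against the
%% fixed versions listed in the OTP advisory (placeholder: not in the article).
report() ->
    io:format("OTP version: ~s~n", [otp_version()]),
    io:format("ssh application running: ~p~n", [ssh_running()]),
    ok.

%% Temporary workaround: stop the ssh application, which terminates every
%% SSH daemon this node has started. Returns {error, not_running} if there
%% is nothing to stop.
disable_ssh() ->
    case ssh_running() of
        true  -> application:stop(ssh);
        false -> {error, not_running}
    end.
```

Compile with `erlc otp_ssh_check.erl` and run `erl -noshell -pa . -eval 'otp_ssh_check:report(), halt().'` on the host in question. Note that `disable_ssh/0` stops the SSH service for the whole node, including any session you are connected through, so run it from a local console or a management channel other than SSH.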
Horizon3.ai researchers last Thursday said they were able to quickly reproduce the vulnerability. A detailed proof of concept will not be released until after a patch has been made widely available.
Erlang OTP is commonly found in IoT devices and telecommunications platforms and is used as a debug utility in other services, including CouchDB and RabbitMQ, Horizon3.ai researchers said.
The vulnerability could impact a wide range of devices across various OT systems, and devices from Cisco and Ericsson could be affected, according to researchers from Frenos.