Critical Erlang SSH Vulnerability Exploited in OT Networks, Patch Now
A severe remote code execution (RCE) vulnerability, CVE-2025-32433, exists in Erlang's Open Telecom Platform (OTP) Secure Shell daemon (sshd). The vulnerability allows unauthenticated attackers to execute commands by sending specific SSH messages before authentication. Organizations are urged to patch immediately.
Organizations should upgrade to OTP 27.3.3, OTP 26.2.5.11, or OTP 25.3.2.20 to mitigate the risk. Temporary measures include disabling the SSH server or restricting access via firewall rules.
Exploitation attempts surged between May 1 and May 9, with 70% of detections originating from firewalls protecting operational technology (OT) networks. Attackers have been observed deploying payloads that establish reverse shells for unauthorized access. Erlang/OTP services are widely exposed on the internet, sometimes over industrial ports like TCP 2222, creating a crossover risk between IT and industrial control systems. Many of the targeted sectors, including healthcare, agriculture, media and entertainment, and high technology, rely on Erlang/OTP's native SSH for remote administration.
Exploitation of this vulnerability could result in full system control, compromise of sensitive information, and additional host compromises within the network. Organizations are advised to patch immediately and review their network security measures to prevent unauthorized access.
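
An added example, not part of the original article or of Erlang/OTP: a Python triage script that compares installed OTP version strings against the three fixed releases named above. The inventory, its hostnames and the `unlisted-branch` label are constructed assumptions; branches the article does not list are flagged for manual review rather than judged.

```python
import re

# Fixed releases named in the article, keyed by OTP major branch.
FIXED = {27: (27, 3, 3), 26: (26, 2, 5, 11), 25: (25, 3, 2, 20)}

def parse_otp_version(text):
    """Parse '26.2.5.11', 'OTP-27.3.3' or '27.0-rc3' into (ints, is_prerelease)."""
    m = re.fullmatch(r"(?:OTP[- ]?)?(\d+(?:\.\d+)*)(-rc\d+)?", text.strip(), re.I)
    if not m:
        raise ValueError(f"unrecognised OTP version: {text!r}")
    return tuple(int(p) for p in m.group(1).split(".")), m.group(2) is not None

def triage(version_text):
    """Return 'patched', 'vulnerable' or 'unlisted-branch' for one version string."""
    parts, prerelease = parse_otp_version(version_text)
    fixed = FIXED.get(parts[0])
    if fixed is None:
        # The article lists no fixed release for this branch: review manually.
        return "unlisted-branch"
    # OTP versions vary in length (27.3.3 vs 26.2.5.11), so zero-pad before comparing.
    width = max(len(parts), len(fixed))
    pad = lambda v: v + (0,) * (width - len(v))
    if pad(parts) > pad(fixed):
        return "patched"
    # A release candidate sorts before the release with the same number.
    if pad(parts) == pad(fixed) and not prerelease:
        return "patched"
    return "vulnerable"

# Constructed inventory (hostnames and versions are made up for illustration).
INVENTORY = {
    "hmi-gw-01": "26.2.5.10",
    "broker-02": "OTP-27.3.3",
    "hist-03": "25.3.2.20",
    "legacy-04": "24.3.4.17",
    "edge-05": "27.0-rc3",
}

def report(inventory):
    """Map each host to its triage status."""
    return {host: triage(version) for host, version in inventory.items()}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:10} {status}")
```

On a host with Erlang installed, the full version string is stored in the `releases/<major>/OTP_VERSION` file under the Erlang root directory.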