Erlang/OTP SSH: Unauthenticated remote code execution in Erlang/OTP SSH server (CVE-2025-32433) #shorts
Summary
Welcome to today’s security brief. We’re looking at CVE‑2025‑32433, a critical remote code execution vulnerability in the Erlang/OTP SSH server. Public proof‑of‑concept exploits are already circulating, making it imperative for administrators to act now.
Product details
The issue affects Erlang/OTP SSH implementations shipped with OTP releases prior to 27.3.3, 26.2.5.11, and 25.3.2.20. Erlang/OTP is a set of libraries and runtime components used for building scalable, fault‑tolerant systems. The vulnerability was reported by GitHub_M and published on April 16, 2025.
Vulnerability type summary
This flaw falls under CWE‑306: Missing Authentication for Critical Function. In essence, the SSH server did not properly enforce authentication before processing certain protocol messages, allowing unauthenticated attackers to trigger code execution.
Details of the vulnerability
An attacker sends crafted SSH protocol messages that bypass authentication checks in the Erlang/OTP SSH daemon. By exploiting a flaw in message handling, they can execute arbitrary commands on the target system without valid credentials. Proof‑of‑concept code is publicly available, and several threat actors are already testing exploits in the wild. The issue is fixed in OTP‑27.3.3, OTP‑26.2.5.11, and OTP‑25.3.2.20. Until you can update, disable the SSH server or block its port via firewall rules.
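The fixed releases above are on three separate branches, so a plain numeric comparison gets the check wrong (27.0 is newer than 26.2.5.11 yet unpatched). The following triage helper, added here as an example and not part of the advisory or the OTP project, compares a reported OTP version against the fix on its own branch; the host names and version strings in the inventory are constructed, and the assumption that branches after 27 already carry the fix is marked in the code.

```python
"""Triage Erlang/OTP hosts for CVE-2025-32433 by comparing the reported
OTP version with the fixed release on the same branch.

Fixed releases from the advisory: OTP-27.3.3, OTP-26.2.5.11, OTP-25.3.2.20.
The full patch level lives in <ERL_ROOT>/releases/<otp_release>/OTP_VERSION;
erlang:system_info(otp_release) only returns the major number.
"""
import re

# Branch major number -> first fixed release on that branch.
FIXED = {27: (27, 3, 3), 26: (26, 2, 5, 11), 25: (25, 3, 2, 20)}


def parse_otp_version(text):
    """Turn 'OTP-26.2.5.10', '26.2.5.10' or a bare '26' into a tuple of ints."""
    m = re.search(r"(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"no OTP version found in {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(version):
    """True if the version predates the fix on its branch.

    Tuple comparison treats a short tuple as older than a longer one with
    the same prefix, so a bare major like (26,) is conservatively reported
    as affected: the patch level is unknown.
    """
    major = version[0]
    if major > 27:
        return False  # assumption: branches after 27 ship with the fix
    fixed = FIXED.get(major)
    if fixed is None:
        return True  # 24 and older: no fixed release listed in the advisory
    return version < fixed


def triage(inventory):
    """Map host -> 'affected' / 'fixed' for a {host: version_string} dict."""
    return {
        host: "affected" if is_affected(parse_otp_version(ver)) else "fixed"
        for host, ver in inventory.items()
    }


# Constructed sample inventory; these hosts and versions are not real data.
SAMPLE_INVENTORY = {
    "rabbit-01.example.internal": "OTP-26.2.5.10",
    "rabbit-02.example.internal": "OTP-26.2.5.11",
    "build-runner.example.internal": "27.3.2",
    "legacy-app.example.internal": "24.3.4.17",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as affected should have the SSH application stopped or its port filtered until the matching OTP release is installed, as the brief recommends.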
Conclusion
CVE‑2025‑32433 poses a severe risk for any organization running affected Erlang/OTP SSH servers. With public exploits out, patching to the latest OTP release should be your top priority. Disable or shield the SSH service until you can apply the update, and monitor logs for any suspicious connection attempts.
Watch the full video on YouTube: CVE-2025-32433
Related Content
NOTE: The following related content has not been vetted and may be unsafe.
- https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2
- https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12
- https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f
- https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891
- [2025-04-19] Public exploits available for critical Erlang/OTP SSH vulnerability CVE-2025-32433, urging immediate patching.
- [2025-04-24] Critical vulnerability found in Erlang/OTP SSH implementation due to improper handling of SSH protocol messages.
- [2025-04-22] Public PoC exploit for critical Erlang/OTP SSH bug (CVE-2025-32433) is now available.
- [2025-04-20] Public exploits are available for a critical Erlang/OTP SSH vulnerability, CVE-2025-32433, urging immediate patching.
- [2025-04-24] Cisco confirms some products are impacted by the Erlang/OTP remote code execution vulnerability CVE-2025-32433.
- [2025-04-18] Researchers disclosed a critical remote code execution vulnerability in Erlang/OTP SSH, with a proof-of-concept exploit released.