CVE-2025-32433
Erlang/OTP SSH Server Unauthenticated Remote Code Execution
Description
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
INFO
Published Date :
April 16, 2025, 10:15 p.m.
Last Modified :
April 25, 2025, 11:15 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
6.0
Exploitability Score :
3.9
Public PoC/Exploit Available at Github
CVE-2025-32433 has a 40 public PoC/Exploit
available at Github.
Go to the Public Exploits
tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2025-32433
.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
A critical flaw has been discovered in Erlang/OTP's SSH server allows unauthenticated attackers to gain remote code execution. One malformed SSH handshake bypasses authentication and exploits improper handling of SSH protocol messages.
Python
A practical cybersecurity portfolio showcasing real-world CVE exploits, lab-based attacks, and pentesting techniques as part of my eJPT and red team journey.
Python
CVE-2025-32433 – Erlang/OTP SSH vulnerability allowing pre-auth RCE
cve-2025-32433 ericsson erlang rce-exploit ssh
Dockerfile Python
Exploit Erlang/OTP SSH CVE-2025-32433 in a lab setup.
This script is a custom security tool designed to test for a critical pre-authentication vulnerability in systems running Erlang-based SSH servers
Python
This script is a custom security tool designed to test for a critical pre-authentication vulnerability in systems running Erlang-based SSH servers
Python
CVE-2025-32433 is a vuln of ssh
Python
None
Dockerfile Python Erlang
CVE-2025-32433 Summary and Attack Overview
Python
None
Python
Erlang OTP SSH NSE Discovery Script
Lua
CVE-2025-32433 Erlang/OTP SSH RCE Exploit SSH远程代码执行漏洞EXP
cve-2025-32433
CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2
cve-2025-32433
Python Dockerfile Erlang
A proof-of-concept exploit for CVE-2025-32433, a critical vulnerability in Erlang's SSH library that allows pre-authenticated code execution via malformed SSH_MSG_CHANNEL_REQUEST packets.
Python
CVE lab to accompany CVE course for CVE-2025-32433
Python
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2025-32433
vulnerability anywhere in the article.

-
Help Net Security
Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs MITRE has released the latest version of its A ... Read more

-
TheCyberThrone
CVE-2025-34028 impacts Commvault Command Center
CVE-2025-34028 is a critical path traversal vulnerability affecting the Commvault Command Center Innovation Release. This flaw allows unauthenticated remote attackers to upload malicious ZIP files, wh ... Read more

-
Cyber Security News
Cisco Confirms Multiple Products Impacted by Erlang/OTP SSH Server RCE Vulnerability
Cisco Systems has issued a critical security advisory confirming that multiple products across its portfolio are affected by a remote code execution (RCE) vulnerability in the Erlang/OTP SSH server (C ... Read more

-
TheCyberThrone
CVE-2025-1021 impacts Synology DiskStation Manager
CVE-2025-1021 is a critical vulnerability affecting Synology DiskStation Manager (DSM), specifically its Network File System (NFS) service. This flaw allows unauthenticated remote attackers to read ar ... Read more

-
TheCyberThrone
CVE-2025-1731 and CVE-2025-1732 impacts Zyxel Firewalls
Zyxel has disclosed two critical vulnerabilities, CVE-2025-1731 and CVE-2025-1732, affecting its USG FLEX H series firewalls. These vulnerabilities could allow authenticated local attackers to escalat ... Read more

-
Help Net Security
Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs
MITRE has released the latest version of its ATT&CK framework, which now also includes a new section (“matrix”) to cover the tactics, techniques and procedures (TTPs) used to target VMware ESXi hyperv ... Read more

-
TheCyberThrone
CVE-2025-32433 impacts Erlang/OTP
The CVE-2025-32433 vulnerability, identified in the Erlang/OTP SSH library, is a severe remote code execution (RCE) flaw that allows unauthenticated attackers to execute arbitrary commands during SSH ... Read more

-
security.nl
Cisco waarschuwt voor kritiek Erlang/OTP SSH-lek in eigen producten
Een kritieke kwetsbaarheid in Erlang/OTP SSH server is ook aanwezig in producten van Cisco, zo waarschuwt het netwerkbedrijf dat updates heeft uitgebracht om het probleem te verhelpen. Erlang is een p ... Read more

-
Daily CyberSecurity
Critical RCE Vulnerability in Erlang/OTP SSH Server Impacts Multiple Cisco Products
A critical remote code execution (RCE) vulnerability tracked as CVE-2025-32433 has disclosed. This flaw resides in the Erlang/OTP SSH server and affects a number of Cisco products that rely on the pla ... Read more

-
Cyber Security News
ChatGPT Creates Working Exploit for CVE’s Before Public PoCs Released
In a development that could transform vulnerability research, security researcher Matt Keeley demonstrated how artificial intelligence can now create working exploits for critical vulnerabilities befo ... Read more

-
Help Net Security
PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)
There are now several public proof-of-concept (PoC) exploits for a maximum-severity vulnerability in the Erlang/OTP SSH server (CVE-2025-32433) unveiled last week. “All users running an SSH server bas ... Read more

-
The Register
Today's LLMs craft exploits from patches at lightning speed
The time from vulnerability disclosure to proof-of-concept (PoC) exploit code can now be as short as a few hours, thanks to generative AI models. Matthew Keely, of Platform Security and penetration te ... Read more

-
The Hacker News
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Cybersecurity / Hacking News Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that's exactly what we saw in last week's activity. Hackers are getting better at hid ... Read more

-
cybereason.com
CVE-2025-32433: Unauthenticated RCE Vulnerability in Erlang/OTP’s SSH Implementation
Key Takeaways A critical vulnerability has been discovered in Erlang/OTP, tracked as CVE-2025-32433, and has a CVSS score of 10 (critical). This critical remote code execution (RCE) vulnerability aff ... Read more

-
BleepingComputer
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. Researchers at ... Read more

-
security.nl
Erlang/OTP SSH-servers via kritieke kwetsbaarheid over te nemen
Erlang/OTP SSH-servers zijn via een kritieke kwetsbaarheid op afstand door ongeauthenticeerde aanvallers over te nemen. De impact van het beveiligingslek is op een schaal van 1 tot en met 10 beoordeel ... Read more

-
Cyber Security News
PoC Exploit Released for Erlang/OTP SSH Remote Code Execution Vulnerability
A critical remote code execution vulnerability in Erlang/OTP’s SSH implementation has security teams scrambling to patch affected systems after researchers confirmed the development of a proof-of-conc ... Read more

-
Daily CyberSecurity
Critical CVE-2025-32433 PoC Released: Erlang/OTP SSH Vulnerability Enables RCE
An anonymous security researcher has published proof-of-concept code for CVE-2025-32433, a critical vulnerability in the Erlang/OTP SSH application. The flaw enables unauthenticated remote code execut ... Read more

-
BleepingComputer
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now
A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. The flaw was discovered by Fa ... Read more

-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH
Security researchers report CVE-2025-32433, a CVSS 10.0 RCE vulnerability in Erlang/OTP SSH, allowing unauthenticated code execution on exposed systems. A newly disclosed vulnerability in the Erlang/O ... Read more

-
Cyber Security News
Critical Erlang/OTP SSH Vulnerability Allows Unauthenticated Remote Code Execution
A critical vulnerability in the Erlang/Open Telecom Platform (OTP) SSH implementation that allows attackers to execute arbitrary code without authentication. The flaw, tracked as CVE-2025-32433, has b ... Read more

-
The Hacker News
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
Vulnerability / Network Security A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary co ... Read more

-
Daily CyberSecurity
Erlang/OTP CVE-2025-32433 (CVSS 10): Critical SSH Flaw Allows Unauthenticated RCE
A critical vulnerability has been discovered in the SSH server component of Erlang/OTP, a technology widely used in telecommunications, distributed systems, and real-time platforms. The flaw, now trac ... Read more
The following table lists the changes that have been made to the
CVE-2025-32433
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Apr. 25, 2025
Action Type Old Value New Value Added Reference https://security.netapp.com/advisory/ntap-20250425-0001/ -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Apr. 21, 2025
Action Type Old Value New Value Added Reference https://github.com/ProDefense/CVE-2025-32433/blob/main/CVE-2025-32433.py -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Apr. 19, 2025
Action Type Old Value New Value Added Reference http://www.openwall.com/lists/oss-security/2025/04/19/1 -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Apr. 19, 2025
Action Type Old Value New Value Added Reference http://www.openwall.com/lists/oss-security/2025/04/18/6 -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Apr. 18, 2025
Action Type Old Value New Value Added Reference http://www.openwall.com/lists/oss-security/2025/04/18/2 -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Apr. 18, 2025
Action Type Old Value New Value Added Reference http://www.openwall.com/lists/oss-security/2025/04/18/1 -
New CVE Received by [email protected]
Apr. 16, 2025
Action Type Old Value New Value Added Description Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules. Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Added CWE CWE-306 Added Reference https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12 Added Reference https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f Added Reference https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891 Added Reference https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Apr. 16, 2025
Action Type Old Value New Value Added Reference http://www.openwall.com/lists/oss-security/2025/04/16/2
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2025-32433
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2025-32433
weaknesses.