A critical vulnerability in Erlang/OTP's SSH implementation, CVE-2025-32433, has been actively exploited, with operational technology (OT) networks targeted in particular. Many attacks have been detected in industries such as healthcare, agriculture, and high tech, highlighting the security risks for OT environments.
Key points
- The vulnerability affects all unpatched Erlang/OTP SSH servers utilized for remote access.
- Patched versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20 have been released to address this issue.
- Exploitation activity surged in May, with the majority of attacks targeting OT networks in the United States.
- Attackers used malicious payloads such as reverse shells and botnet communication ports to exploit the flaw.
- Industries like healthcare, agriculture, and high tech are the primary targets of the ongoing exploitation attempts.
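A triage check for the patched versions listed above, as an added example that is not part of the original page: it flags inventory entries that run the Erlang/OTP SSH server on a release older than the fix for their major line. The inventory layout, host names and the `ssh_enabled` field are hypothetical, and treating majors above 27 as fixed is an assumption the page does not state.

```python
import re

# Fixed release per major line, taken from the key points above.
PATCHED = {27: (27, 3, 3), 26: (26, 2, 5, 11), 25: (25, 3, 2, 20)}


def parse_otp_version(text):
    """Turn 'OTP-26.2.5.11' or '26.2.5.11' into a tuple of ints."""
    m = re.fullmatch(r"(?:OTP-)?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised OTP version: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def _pad(version, length):
    # Pad with zeros so 27.3.3 and 27.3.3.0 compare as equal.
    return version + (0,) * (length - len(version))


def classify(version_text):
    """Return 'patched', 'vulnerable' or 'no-fix-listed' for one version."""
    version = parse_otp_version(version_text)
    major = version[0]
    if major > max(PATCHED):
        return "patched"  # assumption: later major lines carry the fix
    fixed = PATCHED.get(major)
    if fixed is None:
        return "no-fix-listed"  # the page names no patched release for this line
    width = max(len(version), len(fixed))
    return "patched" if _pad(version, width) >= _pad(fixed, width) else "vulnerable"


def triage(inventory):
    """Keep only hosts that expose the OTP SSH server on an unpatched release."""
    return [(host, ver, classify(ver))
            for host, ver, ssh_enabled in inventory
            if ssh_enabled and classify(ver) != "patched"]


# Constructed sample inventory: (host, OTP version, OTP SSH server enabled).
SAMPLE = [
    ("hmi-gw-01", "OTP-26.2.5.10", True),
    ("hmi-gw-02", "OTP-26.2.5.11", True),
    ("broker-01", "27.3.2", False),
    ("legacy-plc-proxy", "24.3.4", True),
]

if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE):
        print(f"{host}\t{ver}\t{status}")
```

Entries reported as `no-fix-listed` need a vendor check, since the page names patched releases only for the 25, 26 and 27 lines.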