Cybersecurity experts have identified widespread exploitation of a critical flaw in Erlang/OTP SSH, impacting various sectors worldwide. The vulnerability, CVE-2025-32433, allows remote code execution and has led to targeted attacks on OT networks; it was actively exploited before being patched. #CVE2025-32433 #ErlangOTP #OTNetworks
Keypoints
- The security flaw CVE-2025-32433 affects Erlang/OTP SSH and is rated with a CVSS score of 10.0.
- The vulnerability was patched in April 2025 with new OTP versions.
- Active exploitation was evidenced by CISA adding it to the KEV catalog in June 2025.
- Over 85% of attack attempts target sectors like healthcare, agriculture, media, and high tech.
- Attackers use reverse shells to gain unauthorized remote access after exploiting the flaw.
Read More: https://thehackernews.com/2025/08/researchers-spot-surge-in-erlangotp-ssh.html