CVE-2025-32433 - PatchNow

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2025-04-16

Added to CISA KEV: 2025-06-09 54 DAYS BETWEEN CVE AND KEV

⚠️ CRITICAL: Check for indicators of compromise - this vulnerability is in CISA KEV indicating active exploitation in the wild. Review logs, check for unauthorized access, verify system integrity before patching
CRITICAL: Immediately patch to OTP-27.3.3, OTP-26.2.5.11, or OTP-25.3.2.20
Emergency workaround: Disable SSH servers or block SSH access via firewall rules
Monitor SSH connection logs for suspicious authentication attempts and unusual traffic patterns
Conduct immediate incident response assessment for any internet-facing Erlang/OTP SSH servers

CVE-2025-32433 - Serious Remote Code Execution in Erlang/OTP ... - cve.news
Conclusion CVE-2025-32433 is a critical flaw. If you run an Erlang/OTP SSH server exposed to the internet, patch immediately or shut it off. Stay safe—keep up-to-date, subscribe to official Erlang Mailing List for alerts, and always firewall sensitive endpoints. *For more details: Erlang/OTP Security Advisories Full CVE Description @ NVD ...
CVE-2025-32433: Erlang/OTP SSH Unauthenticated Remote Code ... - Tenable
CVE-2025-32433 is a remote code execution (RCE) vulnerability affecting the Erlang/OTP SSH server. The vulnerability exists due to a flaw in the SSH protocol message handling which could allow an unauthenticated attacker to execute arbitrary code.
Observed Exploitation of CVE-2025-32433 in the Wild
Exploitation of CVE-2025-32433 in Erlang/OTP is active. Multiple campaigns and varied payloads highlight need for urgent patching.
CVE-2025-32433 Detail - NVD
Vulnerabilities. CVE-2025-32433 Detail. Description. Erlang/OTP is a set of libraries for the Erlang programming language.
CVE-2025-32433: Maximum Severity Unauthenticated... - Arctic Wolf
CVE-2025-32433 allows unauthenticated remote threat actors to achieve remote code execution (RCE) in the SSH daemon.

🔴 CVE-2025-32433