Proof-of-concept code has been released after researchers disclosed a maximum severity remote code execution vulnerability in Erlang/OTP SSH. Successful exploitation could allow for complete takeover of affected devices.
Background
On April 16, Fabian Bäumer, Marcus Brinkmann, Marcel Maehren, and Jörg Schwenk of the Ruhr University Bochum in Germany disclosed a critical vulnerability in Erlang/OTP SSH to the OpenWall vulnerability mailing list. Additionally an official advisory was posted to the GitHub project for Erlang/OTP crediting the researchers for their disclosure.
| CVE | Description | CVSSv3 | VPR |
|---|---|---|---|
| CVE-2025-32433 | Erlang/OTP SSH Remote Code Execution Vulnerability | 10.0 | 10 |
*Please note: Tenable’s Vulnerability Priority Rating (VPR) scores are calculated nightly. This blog post was published on April 18 and reflects VPR at that time.
Analysis
CVE-2025-32433 is a remote code execution (RCE) vulnerability affecting the Erlang/OTP SSH server. The vulnerability exists due to a flaw in the SSH protocol message handling which could allow an unauthenticated attacker to execute arbitrary code. According to the advisory, all users running Erlang/OTP SSH servers are impacted and to assume impact if your application utilizes the Erlang/OTP SSH library. This vulnerability received the maximum CVSSv3 score of 10.0 and when the SSH daemon is running as root, allows an attacker to completely compromise an affected device.
At the time this blog was published, no known exploitation has been observed, however with the ease of exploitation and critical severity, we anticipate attacks will occur soon.
Proof of concept
On April 17, researchers at Platform Security released a public proof-of-concept (PoC) exploit for CVE-20
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: