Security teams across industries are urgently patching systems following the public release of a proof-of-concept (PoC) exploit for a newly disclosed critical remote code execution (RCE) vulnerability in Erlang/OTP’s SSH implementation.
The flaw, tracked as CVE-2025-32433 and assigned a maximum CVSS score of 10.0, enables unauthenticated attackers to execute arbitrary code, potentially taking complete control of affected systems.
The vulnerability, disclosed by a team of researchers in April 2025, stems from improper SSH protocol message handling within Erlang/OTP.
By sending specially crafted connection protocol messages before authentication, attackers can trigger the flaw and execute code remotely—without needing any credentials.
“This is a particularly dangerous issue because all versions of Erlang/OTP running its SSH server component are affected, regardless of the underlying version,” warned experts.
Erlang/OTP is widely deployed in critical infrastructure, including telecom networks, IoT, and operational technology (OT) environments, vastly increasing the risk surface.
Researchers from Horizon3’s Attack Team confirmed that they successfully reproduced CVE-2025-32433 and developed a working PoC exploit:
“Just finished reproducing CVE-2025-32433 and putting together a quick PoC exploit — surprisingly easy. Wouldn’t be shocked if public PoCs start dropping soon. If you’re tracking this, now’s the time to take action,” Horizon3 posted to social media.

On April 17, an anonymous security researcher posted PoC code for the vulnerability on Pastebin, making it accessible to threat actors worldwide.
Security experts describe the exploit as “surprisingly easy,” heightening fears of imminent mass exploitation.
The severity of CVE-2025-32433 cannot be overstated. Commands executed through exploitation run with the privileges of the SSH daemon—often root—meaning successful attacks could result in full system compromise, data theft, or the deployment of ransomware.
Mitigation and Remediation
The Erlang/OTP project responded quickly, releasing patches for all supported branches:
- OTP-27.3.3
- OTP-26.2.5.11
- OTP-25.3.2.20
Organizations unable to patch immediately should:
- Restrict SSH port access using firewalls
- Disable Erlang/OTP’s SSH server if not essential
- Limit access to trusted IP addresses only
“All organizations should identify any deployment of Erlang/OTP SSH services and prioritize immediate patching,” security experts urge.
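To support that inventory step, the sketch below (an added example, not code from the Erlang/OTP project or the researchers) compares OTP release strings against the three fixed releases listed above and ranks hosts for patching. The host names, the inventory tuple layout, the `ssh_on` flag and the status labels are assumptions made for illustration.

```python
import re

# Fixed release per supported branch, taken from the list in this article.
FIXED = {27: (27, 3, 3), 26: (26, 2, 5, 11), 25: (25, 3, 2, 20)}

def parse_otp(version):
    """'OTP-26.2.5.10' or '26.2.5.10' -> (26, 2, 5, 10)."""
    m = re.fullmatch(r"(?:OTP-)?(\d+(?:\.\d+)*)", version.strip())
    if not m:
        raise ValueError(f"unrecognised OTP version: {version!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def classify(version):
    """Return 'patched', 'vulnerable', 'no-fix-listed' or 'unknown'."""
    v = parse_otp(version)
    fixed = FIXED.get(v[0])
    if fixed is None:
        # The article lists fixes for branches 25-27 only: older branches
        # have no listed fix, newer ones are outside what it covers.
        return "no-fix-listed" if v[0] < min(FIXED) else "unknown"
    n = max(len(v), len(fixed))
    pad = lambda t: t + (0,) * (n - len(t))  # so 27.3 compares as 27.3.0
    return "patched" if pad(v) >= pad(fixed) else "vulnerable"

def triage(inventory):
    """inventory: iterable of (host, otp_version, ssh_on) -> {host: action}."""
    actions = {}
    for host, version, ssh_on in inventory:
        try:
            status = classify(version)
        except ValueError:
            status = "unknown"  # e.g. release candidates, custom builds
        if status == "patched":
            actions[host] = "ok"
        elif status == "unknown":
            actions[host] = "review"
        else:
            # The flaw is in the SSH server, so hosts running it go first.
            actions[host] = "patch-now" if ssh_on else "patch-scheduled"
    return actions

# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE = [("mq-01", "OTP-26.2.5.10", True), ("mq-02", "OTP-26.2.5.11", True),
          ("iot-gw", "24.3.4.17", True), ("build-7", "27.2", False),
          ("lab-3", "27.0-rc1", True)]

if __name__ == "__main__":
    for host, action in triage(SAMPLE).items():
        print(f"{host:8} {action}")
```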
With a working exploit now public and the vulnerability trivial to exploit, the window for safe remediation is closing swiftly.
Exposure to this critical flaw could result in rapid, widespread attacks. Immediate action is essential to protect critical infrastructure and prevent devastating cyber incidents.