
A critical vulnerability has been discovered in the SSH server implementation (the ssh application) shipped with Erlang/Open Telecom Platform (OTP). It allows an unauthenticated remote attacker to execute arbitrary code.
The issue, tracked as CVE-2025-32433 (CVSS score: 10.0), stems from the server accepting and acting on SSH connection-protocol messages (such as channel open and exec requests) before the client has completed authentication. An attacker who can reach the SSH port can therefore send such messages ahead of the authentication stage and have commands executed in the context of the SSH server process, that is, with the privileges of the user running the Erlang VM. Particularly alarming is that, if the daemon runs as root, the attacker gains full control over the system, including access to sensitive data and the ability to render the device inoperative (Denial of Service, DoS).
The vulnerability affects every Erlang/OTP release that ships the flawed ssh application and predates the fixed versions. Only hosts that actually run the Erlang SSH daemon are exposed through this flaw; a system with Erlang installed that uses OpenSSH for administrative access is not reachable this way. Devices that rely on Erlang as the foundation for robust, fault-tolerant systems are especially at risk. Such systems are prevalent in industrial automation, networking hardware, and IoT and edge infrastructures. Experts specifically highlight the widespread deployment of Erlang in devices produced by Cisco and Ericsson.
An anonymous security researcher has released proof-of-concept code for CVE-2025-32433 on Pastebin.
To mitigate the threat, it is imperative to promptly update the platform to one of the first fixed releases, OTP-27.3.3, OTP-26.2.5.11, or OTP-25.3.2.20, or to any later release on those branches. If immediate updating is not feasible, it is strongly recommended to restrict access to the SSH server via firewall rules, allowing connections only from trusted sources, and not to start the Erlang SSH daemon at all on nodes that do not need it.
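The following script is an added example written for this article; it is not code from Erlang/OTP, the advisory, or the researchers. It classifies an OTP version string against the first fixed releases named above (comparing version components numerically, so that 25.3.2.9 is correctly treated as older than 25.3.2.20), reads the full OTP version of a local installation from the OTP_VERSION file, and generates an nftables allowlist for the SSH port as an interim mitigation. The function names and the table name otp_ssh_guard are this example's own; the nftables part assumes a Linux host with nft available.

```shell
#!/bin/sh
# Added example for this article (not code from Erlang/OTP or the advisory):
# classify an Erlang/OTP version against the first fixed releases named for
# CVE-2025-32433 (OTP-25.3.2.20, OTP-26.2.5.11, OTP-27.3.3) and generate an
# nftables allowlist for the SSH port as an interim mitigation.
# Function names and the table name "otp_ssh_guard" are this example's own.

# Compare two dotted numeric version strings component by component and
# print -1, 0 or 1. Components are compared as integers, so 25.3.2.9 sorts
# before 25.3.2.20 (a plain string comparison would get that wrong). Missing
# trailing components count as 0, so 27.3.3 equals 27.3.3.0.
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah="${a%%.*}"; bh="${b%%.*}"
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
        ah="${ah:-0}"; bh="${bh:-0}"
        if [ "$ah" -lt "$bh" ]; then echo -1; return; fi
        if [ "$ah" -gt "$bh" ]; then echo 1; return; fi
    done
    echo 0
}

# First fixed release for the major series of $1; empty for a series the
# advisory does not name (older, unsupported series received no fix, newer
# series are outside the scope of this check).
fixed_version_for() {
    case "${1%%.*}" in
        25) echo 25.3.2.20 ;;
        26) echo 26.2.5.11 ;;
        27) echo 27.3.3 ;;
        *)  echo "" ;;
    esac
}

# otp_status VERSION -> vulnerable | fixed | unknown-series
otp_status() {
    fix="$(fixed_version_for "$1")"
    if [ -z "$fix" ]; then echo unknown-series; return; fi
    if [ "$(vercmp "$1" "$fix")" -lt 0 ]; then echo vulnerable; else echo fixed; fi
}

# Full OTP version of the local installation. erlang:system_info(otp_release)
# only yields the major number; the full version is recorded in the
# OTP_VERSION file under releases/<major>/ of the OTP root directory.
local_otp_version() {
    erl -noshell -eval '
        F = filename:join([code:root_dir(), "releases",
                           erlang:system_info(otp_release), "OTP_VERSION"]),
        {ok, V} = file:read_file(F),
        io:format("~s", [string:trim(V)]),
        halt().'
}

# nft_allowlist PORT CIDR... -> nftables ruleset (on stdout) that accepts the
# SSH port from the listed sources and loopback only, and drops it otherwise.
# Apply with:  nft_allowlist 22 10.0.0.0/8 2001:db8::/32 | nft -f -
nft_allowlist() {
    port="$1"; shift
    printf 'table inet otp_ssh_guard {\n'
    printf '  chain input {\n'
    printf '    type filter hook input priority 0; policy accept;\n'
    printf '    iif "lo" accept\n'
    for src in "$@"; do
        case "$src" in
            *:*) printf '    ip6 saddr %s tcp dport %s accept\n' "$src" "$port" ;;
            *)   printf '    ip saddr %s tcp dport %s accept\n' "$src" "$port" ;;
        esac
    done
    printf '    tcp dport %s drop\n' "$port"
    printf '  }\n}\n'
}

# Usage: pass a version string (e.g. from an inventory export) or, with no
# argument, check the local installation when erl is on PATH.
if [ -n "${1:-}" ]; then
    v="$1"
elif command -v erl >/dev/null 2>&1; then
    v="$(local_otp_version)"
else
    v=""
fi
if [ -n "$v" ]; then
    echo "OTP $v: $(otp_status "$v")"
fi
```

Run it with no arguments on the host to check the local installation, or pass version strings collected from an inventory system. The generated ruleset uses the Erlang daemon's actual listening port, which is often not 22, so pass the port the daemon was started with; verify the listening socket first with `ss -ltnp` if unsure. Series the advisory does not name are reported as unknown-series rather than guessed.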
According to Qualys, the vulnerability could serve as an entry point for ransomware deployment or data exfiltration. Qualys also stresses that the nature of the flaw makes it particularly dangerous for systems where stability and high availability are paramount, precisely the environments in which Erlang is most commonly deployed.