Security teams have identified a maximum-severity vulnerability, CVE-2025-32433, in the SSH implementation of Erlang/OTP, a platform widely deployed in telecom, industrial control systems (ICS), IoT devices, and other high-availability environments. The flaw enables unauthenticated remote code execution, allowing attackers to run arbitrary commands before authentication completes.
Why It Matters
- Wide Reach: The issue affects any application using the OTP SSH server, including critical systems from Cisco, Ericsson, and others.
- Real-World Exploitation: Since May 2025, attackers have begun exploiting the flaw, particularly targeting OT firewall systems. CISA has officially added it to its Known Exploited Vulnerabilities (KEV) catalog.
- Simple Exploitability: Proof-of-concept code is now public, making it easier for attackers to compromise systems.
- Potential Impact: Once exploited, devices can be fully controlled by malicious actors, risking ransomware deployment, data theft, or operational disruption.
Security Actions Required
To mitigate this urgent threat:
- Upgrade to the vendor-released patched OTP versions 27.3.3, 26.2.5.11, or 25.3.2.20.
- Restrict access to Erlang-based SSH services with firewall rules and IP whitelisting.
- Disable the SSH module on Erlang applications where it is not needed.
- Monitor for unexpected connections and pre-auth interactions via EDR or SIEM platforms.
- Validate vendor readiness: many third-party devices ship with embedded Erlang that needs patching.
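As an added example (not from this advisory or the Erlang/OTP project), the Python helper below checks OTP version strings from an asset inventory against the three fixed releases listed above, so patch prioritisation can start from the hosts still on a vulnerable build. The inventory is constructed, and treating major lines with no listed fix as "unsupported-line" is an assumption.

```python
from __future__ import annotations

# Fixed releases named in the advisory, keyed by OTP major version line.
FIXED_RELEASES = {25: "25.3.2.20", 26: "26.2.5.11", 27: "27.3.3"}


def parse_version(version: str) -> tuple[int, ...]:
    """Turn 'OTP-26.2.5.11' or '26.2.5.11' into a comparable integer tuple."""
    parts = version.strip().removeprefix("OTP-").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable OTP version: {version!r}")
    return tuple(int(p) for p in parts)


def assess(version: str) -> str:
    """Return 'patched', 'vulnerable' or 'unsupported-line' for one version.

    Tuple comparison handles a fixed release carrying an extra patch level
    (27.3.3.1 >= 27.3.3) and a string shorter than the fix (26.2.5 < 26.2.5.11).
    """
    parsed = parse_version(version)
    fixed = FIXED_RELEASES.get(parsed[0])
    if fixed is None:
        # Assumption: the advisory lists no fixed release for this major line,
        # so the version string alone cannot confirm it is patched.
        return "unsupported-line"
    return "patched" if parsed >= parse_version(fixed) else "vulnerable"


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Group hosts by assessment so vulnerable ones can be prioritised first."""
    groups: dict[str, list[str]] = {"vulnerable": [], "patched": [], "unsupported-line": []}
    for host, version in inventory.items():
        groups[assess(version)].append(host)
    return groups


# Constructed sample inventory (hostname -> reported OTP version), not real data.
SAMPLE_INVENTORY = {
    "ot-fw-01": "OTP-26.2.5.9",
    "ot-fw-02": "26.2.5.11",
    "core-router-gw": "27.3.2",
    "msg-broker-a": "27.3.3.1",
    "legacy-pbx": "24.3.4.17",
    "telemetry-hub": "25.3.2.20",
}

if __name__ == "__main__":
    for state, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{state:16s} {', '.join(hosts) or '-'}")
```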
Industries Most At Risk
This vulnerability poses a serious risk to sectors including:
- Telecommunications and Network Infrastructure due to embedded Erlang software.
- Industrial and Critical Infrastructure (Energy, Utilities, Manufacturing) where OT systems rely on Erlang communication.
- Telecom Equipment Providers and IoT Deployments, where exploitation can escalate unnoticed and deliver further payloads.
Conclusion
CVE-2025-32433 highlights the hidden risks in trusted system components within critical infrastructure. Rapid patching, architecture review, and robust monitoring are essential, not optional, for uninterrupted, secure operations.
About COE Security
COE Security partners with organizations in financial services, healthcare, retail, manufacturing, and government to secure AI-powered systems and ensure compliance. Our offerings include:
- AI-enhanced threat detection and real-time monitoring
- Data governance aligned with GDPR, HIPAA, and PCI DSS
- Secure model validation to guard against adversarial attacks
- Customized training to embed AI security best practices
- Penetration Testing (Mobile, Web, AI, Product, IoT, Network & Cloud)
- Secure Software Development Consulting (SSDLC)
- Customized Cybersecurity Services
Additionally, we help organizations in sectors like telecom, industrial automation, and IoT secure their infrastructure against systemic vulnerabilities. We provide architecture audits, patch prioritization strategies, and real-time monitoring tailored to environments with embedded Erlang components.
Follow COE Security on LinkedIn for ongoing insights into safe, compliant AI adoption, and stay informed and cyber safe.