
Keys to the Kingdom: Erlang/OTP SSH Vulnerability Analysis and Exploits Observed in the Wild

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY:

A critical vulnerability (CVE-2025-32433) in Erlang/OTP's SSH daemon allows unauthenticated remote code execution, affecting critical infrastructure and operational technology networks. With a CVSS score of 10.0, it enables command execution by sending SSH connection protocol messages to open ports. Exploit attempts peaked from May 1-9, 2025, with 70% of detections in OT networks. The vulnerability impacts industries like healthcare, agriculture, media, and high technology. Malicious payloads observed include reverse shells for unauthorized access. Geographic distribution shows high impact in countries like Japan, the U.S., and Brazil. The exploit attempts occur in concentrated bursts, disproportionately affecting OT environments across diverse sectors.

OPENCTI LABELS:

exploit, remote code execution, critical infrastructure, vulnerability, ssh, cve-2025-32433, erlang/otp, operational technology

