CVE-2025-32433 - Vulnerability Details

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since June 9, 2025.

Exploitation active

Automatable yes

Technical Impact total

Vendors	Products
Cisco	Cloud Native Broadband Network Gateway Confd Basic Enterprise Nfv Infrastructure Software Inode Manager Ncs 1001 Ncs 1002 Ncs 1004 Ncs 2000 Shelf Virtualization Orchestrator Firmware Ncs 2000 Shelf Virtualization Orchestrator Module Network Services Orchestrator Optical Site Manager Rv160 Rv160 Firmware Rv160w Rv160w Firmware Rv260 Rv260 Firmware Rv260p Rv260p Firmware Rv260w Rv260w Firmware Rv340 Rv340 Firmware Rv340w Rv340w Firmware Rv345 Rv345 Firmware Rv345p Rv345p Firmware Smart Phy Staros Ultra Cloud Core Ultra Packet Core Ultra Services Platform
Erlang	Erlang\/otp

Configuration 1 [-]

OR	cpe:2.3:a:erlang:erlang\/otp::::::::
	cpe:2.3:a:erlang:erlang\/otp::::::::
	cpe:2.3:a:erlang:erlang\/otp::::::::

Configuration 2 [-]

OR	cpe:2.3:a:cisco:confd_basic::::::::
	cpe:2.3:a:cisco:confd_basic::::::::
	cpe:2.3:a:cisco:confd_basic::::::::
	cpe:2.3:a:cisco:confd_basic::::::::
	cpe:2.3:a:cisco:confd_basic::::::::

Configuration 3 [-]

OR	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::
	cpe:2.3:a:cisco:network_services_orchestrator::::::::

Configuration 4 [-]

OR	cpe:2.3:a:cisco:cloud_native_broadband_network_gateway::::::::
	cpe:2.3:a:cisco:inode_manager:-:::::::*
	cpe:2.3:a:cisco:smart_phy::::::::
	cpe:2.3:a:cisco:ultra_packet_core:-:::::::*
	cpe:2.3:a:cisco:ultra_services_platform:-:::::::*
	cpe:2.3:o:cisco:staros::::::::

Configuration 5 [-]

AND

cpe:2.3:a:cisco:optical_site_manager:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:ncs_1001:-:::::::*
	cpe:2.3:h:cisco:ncs_1002:-:::::::*
	cpe:2.3:h:cisco:ncs_1004:-:::::::*

Configuration 6 [-]

AND

cpe:2.3:o:cisco:ncs_2000_shelf_virtualization_orchestrator_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ncs_2000_shelf_virtualization_orchestrator_module:-:*:*:*:*:*:*:*

Configuration 7 [-]

OR	cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software::::::::
	cpe:2.3:a:cisco:ultra_cloud_core::::::::

Configuration 8 [-]

AND

cpe:2.3:o:cisco:rv160w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv160w:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:cisco:rv260_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv260:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:cisco:rv160_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv160:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:cisco:rv260p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv260p:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:cisco:rv260w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv260w:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:cisco:rv340_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:cisco:rv340w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:cisco:rv345_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:cisco:rv345p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2025/04/16/2
http://www.openwall.com/lists/oss-security/2025/04/18/1
http://www.openwall.com/lists/oss-security/2025/04/18/2
http://www.openwall.com/lists/oss-security/2025/04/18/6
http://www.openwall.com/lists/oss-security/2025/04/19/1
https://github.com/ProDefense/CVE-2025-32433/blob/main/CVE-2025-32433.py
https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12
https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f
https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891
https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2
https://security.netapp.com/advisory/ntap-20250425-0001/

History

Thu, 12 Jun 2025 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco cloud Native Broadband Network Gateway Cisco confd Basic Cisco enterprise Nfv Infrastructure Software Cisco inode Manager Cisco ncs 1001 Cisco ncs 1002 Cisco ncs 1004 Cisco ncs 2000 Shelf Virtualization Orchestrator Firmware Cisco ncs 2000 Shelf Virtualization Orchestrator Module Cisco network Services Orchestrator Cisco optical Site Manager Cisco rv160 Cisco rv160 Firmware Cisco rv160w Cisco rv160w Firmware Cisco rv260 Cisco rv260 Firmware Cisco rv260p Cisco rv260p Firmware Cisco rv260w Cisco rv260w Firmware Cisco rv340 Cisco rv340 Firmware Cisco rv340w Cisco rv340w Firmware Cisco rv345 Cisco rv345 Firmware Cisco rv345p Cisco rv345p Firmware Cisco smart Phy Cisco staros Cisco ultra Cloud Core Cisco ultra Packet Core Cisco ultra Services Platform
CPEs		cpe:2.3:a:cisco:cloud_native_broadband_network_gateway:::::::: cpe:2.3:a:cisco:confd_basic:::::::: cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software:::::::: cpe:2.3:a:cisco:inode_manager:-:::::::* cpe:2.3:a:cisco:network_services_orchestrator:::::::: cpe:2.3:a:cisco:optical_site_manager:::::::: cpe:2.3:a:cisco:smart_phy:::::::: cpe:2.3:a:cisco:ultra_cloud_core:::::::: cpe:2.3:a:cisco:ultra_packet_core:-:::::::* cpe:2.3:a:cisco:ultra_services_platform:-:::::::* cpe:2.3:h:cisco:ncs_1001:-:::::::* cpe:2.3:h:cisco:ncs_1002:-:::::::* cpe:2.3:h:cisco:ncs_1004:-:::::::* cpe:2.3:h:cisco:ncs_2000_shelf_virtualization_orchestrator_module:-:::::::* cpe:2.3:h:cisco:rv160:-:::::::* cpe:2.3:h:cisco:rv160w:-:::::::* cpe:2.3:h:cisco:rv260:-:::::::* cpe:2.3:h:cisco:rv260p:-:::::::* cpe:2.3:h:cisco:rv260w:-:::::::* cpe:2.3:h:cisco:rv340:-:::::::* cpe:2.3:h:cisco:rv340w:-:::::::* cpe:2.3:h:cisco:rv345:-:::::::* cpe:2.3:h:cisco:rv345p:-:::::::* cpe:2.3:o:cisco:ncs_2000_shelf_virtualization_orchestrator_firmware:::::::: cpe:2.3:o:cisco:rv160_firmware:-:::::::* cpe:2.3:o:cisco:rv160w_firmware:-:::::::* cpe:2.3:o:cisco:rv260_firmware:-:::::::* cpe:2.3:o:cisco:rv260p_firmware:-:::::::* cpe:2.3:o:cisco:rv260w_firmware:-:::::::* cpe:2.3:o:cisco:rv340_firmware:-:::::::* cpe:2.3:o:cisco:rv340w_firmware:-:::::::* cpe:2.3:o:cisco:rv345_firmware:-:::::::* cpe:2.3:o:cisco:rv345p_firmware:-:::::::* cpe:2.3:o:cisco:staros::::::::
Vendors & Products		Cisco Cisco cloud Native Broadband Network Gateway Cisco confd Basic Cisco enterprise Nfv Infrastructure Software Cisco inode Manager Cisco ncs 1001 Cisco ncs 1002 Cisco ncs 1004 Cisco ncs 2000 Shelf Virtualization Orchestrator Firmware Cisco ncs 2000 Shelf Virtualization Orchestrator Module Cisco network Services Orchestrator Cisco optical Site Manager Cisco rv160 Cisco rv160 Firmware Cisco rv160w Cisco rv160w Firmware Cisco rv260 Cisco rv260 Firmware Cisco rv260p Cisco rv260p Firmware Cisco rv260w Cisco rv260w Firmware Cisco rv340 Cisco rv340 Firmware Cisco rv340w Cisco rv340w Firmware Cisco rv345 Cisco rv345 Firmware Cisco rv345p Cisco rv345p Firmware Cisco smart Phy Cisco staros Cisco ultra Cloud Core Cisco ultra Packet Core Cisco ultra Services Platform

Wed, 11 Jun 2025 21:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Erlang Erlang erlang\/otp
CPEs		cpe:2.3:a:erlang:erlang\/otp::::::::
Vendors & Products		Erlang Erlang erlang\/otp

Tue, 10 Jun 2025 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2025-06-09'}`

Mon, 09 Jun 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 25 Apr 2025 23:45:00 +0000

Type	Values Removed	Values Added
References		https://security.netapp.com/advisory/ntap-20250425-0001/

Mon, 21 Apr 2025 17:15:00 +0000

Type	Values Removed	Values Added
References		https://github.com/ProDefense/CVE-2025-32433/blob/main/CVE-2025-32433.py
Metrics	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Sat, 19 Apr 2025 16:45:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/04/19/1

Sat, 19 Apr 2025 02:45:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/04/18/6

Fri, 18 Apr 2025 18:45:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/04/18/2

Fri, 18 Apr 2025 05:45:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/04/18/1

Thu, 17 Apr 2025 13:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 16 Apr 2025 22:45:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/04/16/2

Wed, 16 Apr 2025 21:45:00 +0000

Type	Values Removed	Values Added
Description		Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
Title		Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
Weaknesses		CWE-306
References		https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12 https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2
Metrics		cvssV3_1 `{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2025-04-16T21:34:37.457Z

Updated: 2025-06-10T16:17:12.411Z

Reserved: 2025-04-08T10:54:58.368Z

Link: CVE-2025-32433

Vulnrichment

Updated: 2025-04-25T23:03:01.788Z

NVD

Status : Analyzed

Published: 2025-04-16T22:15:14.373

Modified: 2025-06-12T16:05:19.650

Link: CVE-2025-32433

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation active

Automatable yes

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object