• Security researchers find a 10/10 flaw in Erlang/OTP SSH
• Horizon3 Attack Team says the flaw is “surprisingly easy” to exploit
• A patch is available, so users should update now

Erlang/OTP SSH, a set of libraries for the Erlang programming language, carries a maximum-severity vulnerability that allows for remote code execution and is “surprisingly easy” to exploit, researchers are warning.

A team of cybersecurity researchers from the Ruhr University Bochum (Germany) recently discovered an improper handling of pre-authentication protocol messages flaw, which affects all versions of Erlang/OTP SSH. It is tracked as CVE-2025-32433 and carries a severity score of 10/10 (critical).

Erlang/OTP SSH is a module within the Erlang/OTP standard library that provides support for implementing Secure Shell (SSH) clients and servers in Erlang applications.

Remote code execution

Erlang is a functional programming language and runtime system designed for building highly concurrent, distributed, and fault-tolerant systems. It was originally developed by Ericsson, for use in telecoms, but has expanded into messaging systems, databases, and other applications where uptime and scalability are critical.

“The issue is caused by a flaw in the SSH protocol message handling which allows an attacker to send connection protocol messages prior to authentication,” a warning on the OpenWall vulnerability mailing list reads.

Soon after the news broke, security researchers from the Horizon3 Attack Team tried to reproduce the flaw and found it to be “surprisingly easy”, which should be cause for concern.

“Just finished reproducing CVE-2025-32433 and putting together a quick PoC exploit — surprisingly easy,” the team said on X. “Wouldn’t be shocked if public PoCs start dropping soon. If you’re tracking this, now’s the time to take action.”

Taking action would mean applying the patch which is now available and which mitigates the risk. Since all older versions are vulnerable, all users are advised to upgrade to versions 25.3.2.10 and 26.2.4.

Threat actors are more active in the short window between a patch being released, and being applied by the users. Most organizations are not that diligent when it comes to patching, giving cybercriminals a relatively easy exploit avenue.

Via BleepingComputer

You might also like

• OpenSSH vulnerabilities could pose huge threat to businesses everywhere
• Take a look at our guide to the best authenticator app
• We’ve rounded up the best password managers

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.