Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices.

Researchers at the Ruhr University Bochum in Germany disclosed the flaw on Wednesday, warning that all devices running the daemon were vulnerable.

‘The issue is caused by a flaw in the SSH protocol message handling which allows an attacker to send connection protocol messages prior to authentication,’ reads [a disclosure](https://www.openwall.com/lists/oss-security/2025/04/16/2) on the OpenWall vulnerability mailing list.

The flaw was fixed in versions 25.3.2.10 and 26.2.4, but as the platform is commonly used in telecom infrastructure, databases, and high-availability systems, it may not be easy to update devices immediately.

However, the situation has become more urgent, as multiple cybersecurity researchers have privately created exploits that achieve remote code execution on vulnerable devices.

This includes [Peter Girnus](https://x.com/gothburz/status/1913023970355331445) of the Zero Day Initiative and researchers from Horizon3, who said the flaw was [surprisingly easy to exploit](http://x.com/Horizon3Attack/status/1912945580902334793).

Soon after, PoC exploits were [published on GitHub](https://github.com/ProDefense/CVE-2025-32433) by ProDefense, and another was published anonymously on Pastebin, with both quickly shared on social media.

Girnus confirmed to BleepingComputer that ProDefense’s PoC is valid but was not able to successfully exploit Erlang/OTP SSH using the one posted to Pastebin.

Now that public exploits are available, threat actors will soon begin scanning for vulnerable systems and exploiting them.

‘SSH is the most commonly used remote access management protocol so I expect this combination to be widespread in critical infrastructure,’ Girnus told BleepingComputer.

‘It’s a bit concerning especially considering how frequently telcos are targeted by nation state APTs such as Volt and Salt Typhoon for example.’

Girnus refers to the Chinese state-sponsored hacking groups responsible for [hacking edge networking equipment](https://www.bleepingcomputer.com/news/security/cisa-vendors-must-secure-soho-routers-against-volt-typhoon-attacks/) and [breaching telecommunications providers](https://www.bleepingcomputer.com/news/security/chinese-hackers-breach-more-us-telecoms-via-unpatched-cisco-routers/) in the US and worldwide.

While it is unclear how many devices are using the Erlang/OTP SSH daemon, over 600,000 IP addresses are running Erlang/OTP according to a [Shodan query](https://www.shodan.io/search?query=%22Erlang%2FOTP%22) shared by Girnus.

‘These are mostly CouchDB instances, CouchDB is implemented in Erlang and runs on the Erlang/OTP platform,’ the researcher explained in a chat about the public exploits.

Now that public exploits are available, it is strongly advised that all devices running Erlang/OTP SSH be upgraded immediately before threat actors compromise them.
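The fixed releases named above give a defender a simple triage check. The following added example (not code from the article, the advisory or the OTP project) classifies the contents of an installed release's version file, which OTP stores at `<OTP root>/releases/<major>/OTP_VERSION`, against the two fixed versions the article names; branches the article does not mention are reported as unknown rather than guessed, and the host inventory at the bottom is constructed sample data.

```python
"""Triage helper for CVE-2025-32433: is an installed Erlang/OTP release on a
branch the article says was fixed, and is it at or above the fixed version?
Added example, not from the article or the OTP project."""
import re
from typing import Dict, Optional, Tuple

# Fixed releases named in the article, keyed by OTP major release branch.
FIXED: Dict[int, Tuple[int, ...]] = {
    25: (25, 3, 2, 10),
    26: (26, 2, 4),
}


def parse_otp_version(text: str) -> Optional[Tuple[int, ...]]:
    """Parse an OTP_VERSION string such as '26.2.3\\n' into an int tuple.
    Anything after the dotted number (whitespace, markers) is ignored."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def classify(version_text: str) -> str:
    """Return 'patched', 'vulnerable', 'unknown-branch' or 'unparseable'.

    Tuple comparison handles shorter strings correctly: (25, 3, 2) sorts
    below (25, 3, 2, 10), so a bare '25.3.2' is reported vulnerable."""
    version = parse_otp_version(version_text)
    if version is None:
        return "unparseable"
    fixed = FIXED.get(version[0])
    if fixed is None:
        # The article names fixes only for the 25 and 26 branches; do not
        # guess about others, flag them for manual review instead.
        return "unknown-branch"
    return "patched" if version >= fixed else "vulnerable"


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Classify a host -> OTP_VERSION-contents mapping (for example one
    gathered by a configuration-management fact collection)."""
    return {host: classify(text) for host, text in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts or real version data.
    sample = {
        "couchdb-1": "26.2.3\n",
        "couchdb-2": "26.2.4\n",
        "legacy-mq": "25.3.2.9\n",
        "build-box": "27.0\n",
    }
    for host, status in triage(sample).items():
        print(f"{host:12} {status}")
```

Hosts reported as unknown-branch still need checking against the vendor's current advisory; the article only covers the two branches above.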