CVE-2025-32433

actively exploited

malware scan detection code search

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.

10.0

cvss critical

common vulnerability scoring system v3.1. measures intrinsic severity on a 0-10 scale.

epss 0.5400

exploitation prediction scoring system. probability this vulnerability will be exploited in the wild in the next 30 days.

kev yes

cisa known exploited vulnerabilities catalog. confirmed active exploitation.

CVSS 3.1 Common Vulnerability Scoring System v3.1

10 / 10

CRITICAL

exploitability

Attack Vector

Network

Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.

Attack Complexity

Low

Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.

Privileges Required

None

Privileges Required (PR:N): no authentication needed. any anonymous attacker can exploit this.

User Interaction

None

User Interaction (UI:N): no victim action needed. fully exploitable without user interaction.

impact

Scope

Changed

Scope (S:C): exploitation impacts resources beyond the vulnerable component.

Confidentiality

High

Confidentiality (C:H): total information disclosure. attacker gains access to all data within the component.

Integrity

High

Integrity (I:H): complete data modification possible. attacker can modify any data.

Availability

High

Availability (A:H): total denial of service. attacker can fully shut down the resource.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

exploitation detection attribution advisories media timeline

activity density

rdintel assessment

actively exploited. patch immediately.

flagged malicious repos detected. do not execute.

detection rules available.

composite score from 15+ signals including exploitation status, epss probability, detection coverage, and community attention. 0-100 scale.

exploitation

actively exploited

Vendor - Product Name

Apply vendor-provided patches

poc repositories (3)

researcher/exploit-poc - 42 stars - Python

security-lab/cve-checker - 18 stars - Go

detection

nuclei-template-id - critical - by projectdiscovery

sigma-rule-title - high - windows

timeline

2024-01-15 - published - CVE record created

2024-01-18 - poc - First exploit code published

2024-01-20 - kev - Added to known exploited

pocs, detection rules, timeline, advisories, and more