CVE-2025-32433

Published: Apr 16, 2025Modified: Nov 4, 2025CISA KEV

10.0

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 6.0

Source: security-advisories@github.com (Secondary)

Description

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.

Affected (34)

Products: Erlang: Erlang/otp · Cisco: Confd Basic, Network Services Orchestrator, Cloud Native Broadband Network Gateway, Inode Manager, Smart Phy, Staros, Ultra Packet Core, Ultra Services Platform, Optical Site Manager, Ncs 2000 Shelf Virtualization Orchestrator Firmware, Enterprise Nfv Infrastructure Software, Ultra Cloud Core, Rv160w Firmware, Rv260 Firmware, Rv160 Firmware, Rv260p Firmware, Rv260w Firmware, Rv340 Firmware, Rv340w Firmware, Rv345 Firmware, Rv345p Firmware · Debian: Debian Linux

1 product

21 products

Network Services Orchestrator

Cloud Native Broadband Network Gateway

Ultra Services Platform

Optical Site Manager

Ncs 2000 Shelf Virtualization Orchestrator Firmware

Enterprise Nfv Infrastructure Software

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Erlang Erlang/otp	Before 25.3.2.20
Erlang Erlang/otp	From 26.0 to 26.2.5.11
Erlang Erlang/otp	From 27.0 to 27.3.3

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Cisco Confd Basic	Before 7.7.19.1
Cisco Confd Basic	From 8.0.18 to 8.1.16.2
Cisco Confd Basic	From 8.2 to 8.2.11.1
Cisco Confd Basic	From 8.3 to 8.3.8.1
Cisco Confd Basic	From 8.4 to 8.4.4.1

Configuration C

6 vulnerable

Vulnerable Software	Affected Versions
Cisco Network Services Orchestrator	Before 5.7.19.1
Cisco Network Services Orchestrator	From 5.8 to 6.1.16.2
Cisco Network Services Orchestrator	From 6.2 to 6.2.11.1
Cisco Network Services Orchestrator	From 6.3 to 6.3.8.1
Cisco Network Services Orchestrator	From 6.4 to 6.4.1.1
Cisco Network Services Orchestrator	From 6.4.2 to 6.4.4.1

Configuration D

6 vulnerable

Vulnerable Software	Affected Versions
Cisco Cloud Native Broadband Network Gateway	Before 2025.03.1
Cisco Inode Manager	All versions
Cisco Smart Phy	Before 25.2
Cisco Staros	Before 2025.03
Cisco Ultra Packet Core	Before 2025.03
Cisco Ultra Services Platform	All versions

Configuration E

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Cisco Optical Site Manager	Before 25.2.1

Running on/with	Platform Versions
Cisco Ncs 1001	All versions
Cisco Ncs 1002	All versions
Cisco Ncs 1004	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Ncs 2000 Shelf Virtualization Orchestrator Firmware	Before 25.1.1

Running on/with	Platform Versions
Cisco Ncs 2000 Shelf Virtualization Orchestrator Module	All versions

Configuration G

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Enterprise Nfv Infrastructure Software	Before 4.18
Cisco Ultra Cloud Core	Before 2025.03.1

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv160w Firmware	All versions

Running on/with	Platform Versions
Cisco Rv160w	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv260 Firmware	All versions

Running on/with	Platform Versions
Cisco Rv260	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv160 Firmware	All versions

Running on/with	Platform Versions
Cisco Rv160	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv260p Firmware	All versions

Running on/with	Platform Versions
Cisco Rv260p	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv260w Firmware	All versions

Running on/with	Platform Versions
Cisco Rv260w	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv340 Firmware	All versions

Running on/with	Platform Versions
Cisco Rv340	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv340w Firmware	All versions

Running on/with	Platform Versions
Cisco Rv340w	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv345 Firmware	All versions

Running on/with	Platform Versions
Cisco Rv345	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv345p Firmware	All versions

Running on/with	Platform Versions
Cisco Rv345p	All versions

Configuration Q

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 11.0

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (14)

https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12

Source: security-advisories@github.com

Patch

https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f

Source: security-advisories@github.com

Patch

https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891

Source: security-advisories@github.com

Patch

https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2

Source: security-advisories@github.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2025/04/16/2