Full Report
Frenos, a company specializing in autonomous OT security assessment platforms, has alerted OT (operational technology) security professionals to... The post Frenos warns OT sector of critical Erlang vulnerability enabling remote code execution affecting millions of devices appeared first on Industrial Cyber.
Analysis Summary
# Vulnerability: Critical Unauthenticated Remote Code Execution in Erlang/OTP SSH Implementation
## CVE Details
- CVE ID: CVE-2025-32433
- CVSS Score: 10.0 (Critical)
- CWE: Not explicitly stated, but implies an authentication bypass/remote code execution flaw.
## Affected Systems
- Products: Erlang/OTP (specifically affecting the SSH implementation)
- Versions: Not explicitly detailed, but versions using the vulnerable SSH implementation. This affects millions of devices, including core networking infrastructure utilized by major service providers and equipment vendors.
- Configurations: Systems running Erlang/OTP where the SSH service is active.
## Vulnerability Description
A critical vulnerability exists within the SSH implementation component of Erlang/OTP. This flaw allows an unauthenticated attacker to execute arbitrary code remotely on affected systems. The exploitation requires no prior credentials or advanced/complex techniques, exploiting a fundamental failure in the SSH implementation's handling of connection requests.
## Exploitation
- Status: Implied high risk; technical details suggest exploitation is straightforward.
- Complexity: Low (No credentials or complex techniques required).
- Attack Vector: Network
## Impact
- Confidentiality: High (Potential for full system compromise)
- Integrity: High (Potential for full system compromise)
- Availability: High (Potential for system denial of service or modification)
## Remediation
### Patches
- Specific patch details are not provided in the source text, but users must update to versions incorporating the fix released by the Erlang/OTP maintainers following the advisory by Frenos. Users should consult official Erlang/OTP advisories.
### Workarounds
- Given the critical, unauthenticated nature of the RCE, workarounds are critical pending patching:
- Restrict network access to the Erlang/OTP SSH service to only trusted hosts via firewall rules.
- If feasible, disable the SSH service entirely until stable patches can be applied.
## Detection
- Indicators of Compromise (IoCs): Exploitation would likely manifest as unexpected process execution or system behavior originating shortly after an unauthenticated connection attempt to the SSH port (default 22).
- Detection methods and tools: Monitor network traffic for unusual SYN packets directed at the SSH port followed by unexpected outgoing traffic or anomalous activity within the Erlang environment processes.
## References
- Frenos Disclosure: defanged: //frenos[.]io/blog/no-ot-authentication-required-understanding-the-erlang-ssh-vulnerability
- Vendor Advisories: Refer to official Erlang/OTP security advisories for the definitive patch announcement.