Erlang/OTP RCE (CVE-2025-32433)
What is the Vulnerability?

A critical SSH vulnerability has recently been identified in the Erlang/Open Telecom Platform (OTP). The vulnerability, tracked as CVE-2025-32433, has been assigned a CVSS score of 10.0. It is unauthenticated, remotely exploitable, and requires low complexity to execute.

Erlang/OTP is commonly found in IoT devices and telecommunications platforms, and is prominently used by companies such as Ericsson, WhatsApp, and Cisco, among others.

What is the recommended Mitigation?

A security patch for OTP has been made available via GitHub. FortiGuard Labs strongly recommends that organizations prioritize applying the latest security updates.

What FortiGuard Coverage is available?

• FortiGuard IPS coverage is being developed to detect and block exploitation attempts.
• The FortiGuard Incident Response team is available to assist with any suspected compromise.