{"id":4165,"date":"2025-05-13T05:36:05","date_gmt":"2025-05-13T05:36:05","guid":{"rendered":"http:\/\/localhost\/?p=4165"},"modified":"2025-05-13T05:36:05","modified_gmt":"2025-05-13T05:36:05","slug":"about-remote-code-execution-erlangotp-cve-2025-32433-vulnerability","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=4165","title":{"rendered":"About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability"},"content":{"rendered":"<h2>Security Update News<\/h2>\n<h3>Update Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Title<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Update ID<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">AVLEONOV:1854CE6BBEBE88AD938E553E4AC0F810<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Type<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">avleonov<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Published<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">2025-05-12T20:46:16<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Last Updated<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">2025-05-12T20:46:16<\/td>\n<\/tr>\n<\/table>\n<h3>Security Impact<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">CVSS Score<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">10.0<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Severity<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd; color: #cc0000; font-weight: bold;\">CRITICAL<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Attack Vector<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">NETWORK<\/td>\n<\/tr>\n<\/table>\n<h3>Affected CVEs<\/h3>\n<div style=\" padding: 15px; border: 1px solid #ddd; margin-bottom: 20px;\">\n<ul style=\"margin: 0; padding-left: 20px;\">\n<li>CVE-2025-32433<\/li>\n<\/ul>\n<\/div>\n<h3>Update Details<\/h3>\n<div style=\"; padding: 15px; border-left: 4px solid #4CAF50; margin-bottom: 20px;\">\n![About Remote Code Execution &#8211; Erlang\/OTP \\(CVE-2025-32433\\) vulnerability](https:\/\/avleonov.com\/wp-content\/uploads\/2025\/05\/photo_813@12-05-2025_23-46-16.jpg)<\/p>\n<p>**About** **Remote Code Execution &#8211; Erlang\/OTP (CVE-2025-32433) vulnerability.** Erlang is a programming language used to build massively scalable soft real-time systems with requirements for high availability. Used in telecom, banking, e-commerce, telephony, and messaging. OTP is a set of Erlang libraries and design principles providing middle-ware to develop these systems. <\/p>\n<p>A message handling vulnerability in the Erlang\/OTP SSH server allows an unauthenticated attacker to execute arbitrary code. The code runs in the context of the SSH daemon. If the daemon is running as root, this grants full control over the device.<\/p>\n<p>![\ud83d\udd3b](https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/72&#215;72\/1f53b.png) The vendor bulletin was released on April 16. Updated versions: OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20.<\/p>\n<p>![\ud83d\udd3b](https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/72&#215;72\/1f53b.png) On April 17, a write-up and a PoC exploit (developed using AI) appeared on the Platform Security blog.<\/p>\n<p>![\ud83d\udd3b](https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/72&#215;72\/1f53b.png) Cisco devices are affected &#8211; and likely not the only ones. ![\ud83d\ude0f](https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/72&#215;72\/1f60f.png)<\/p>\n<p>![\ud83d\udc7e](https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/72&#215;72\/1f47e.png) No signs of exploitation in the wild so far.<\/p>\n<p>\u041d\u0430 \u0440\u0443\u0441\u0441\u043a\u043e\u043c\n<\/p><\/div>\n<p><a href=\"https:\/\/avleonov.com\/2025\/05\/12\/1534-about-remote-code-execution-erlangotp-cve-2025-3\/\" target=\"_blank\" style=\"display: inline-block; color: white; padding: 10px 20px; text-decoration: none; border-radius: 4px;\">View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security Update News Update Information Title About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability Update ID AVLEONOV:1854CE6BBEBE88AD938E553E4AC0F810 Type avleonov Published 2025-05-12T20:46:16 Last Updated 2025-05-12T20:46:16 Security&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[155,9,6,8,36,12,13,7,11,5],"class_list":["post-4165","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-avleonov","tag-critical","tag-cve","tag-cvss","tag-cvss-100","tag-exploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=4165\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability Update ID AVLEONOV:1854CE6BBEBE88AD938E553E4AC0F810 Type avleonov Published 2025-05-12T20:46:16 Last Updated 2025-05-12T20:46:16 Security...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=4165\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-13T05:36:05+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4165#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4165\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"About Remote Code Execution \u2013 Erlang\\\/OTP (CVE-2025-32433) vulnerability\",\"datePublished\":\"2025-05-13T05:36:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4165\"},\"wordCount\":290,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"avleonov\",\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-10.0\",\"exploit\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=4165#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4165\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4165\",\"name\":\"About Remote Code Execution \u2013 Erlang\\\/OTP (CVE-2025-32433) vulnerability - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-13T05:36:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4165#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=4165\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4165#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"About Remote Code Execution \u2013 Erlang\\\/OTP (CVE-2025-32433) vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=4165","og_locale":"en_US","og_type":"article","og_title":"About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability - zero redgem","og_description":"Security Update News Update Information Title About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability Update ID AVLEONOV:1854CE6BBEBE88AD938E553E4AC0F810 Type avleonov Published 2025-05-12T20:46:16 Last Updated 2025-05-12T20:46:16 Security...","og_url":"https:\/\/zero.redgem.net\/?p=4165","og_site_name":"zero redgem","article_published_time":"2025-05-13T05:36:05+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=4165#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=4165"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability","datePublished":"2025-05-13T05:36:05+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=4165"},"wordCount":290,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["avleonov","CRITICAL","CVE","CVSS","CVSS-10.0","exploit","news","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=4165#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=4165","url":"https:\/\/zero.redgem.net\/?p=4165","name":"About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-13T05:36:05+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=4165#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=4165"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=4165#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"About Remote Code Execution \u2013 Erlang\/OTP (CVE-2025-32433) vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/4165","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4165"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/4165\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4165"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4165"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}