BeyondMachines :verified:@beyondmachines1@infosec.exchange
The critical Erlang/OTP SSH flaw actively exploited targeting operational technology networks
A critical vulnerability (CVE-2025-32433) in Erlang/OTP's SSH implementation allows unauthenticated remote code execution and is being actively exploited against internet-exposed systems, with Palo Alto Networks detecting 275 vulnerable hosts and noting that 70% of exploitation attempts target operational technology networks. Despite patches being available, widespread exploitation continues as organizations struggle to update critical infrastructure systems.
If you are running Erlang based SSH service, time to update NOW. Especially in OT networks. Naturally, make sure the OT systems are not exposed to the internet. Then start patching.
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/the-critical-erlang-otp-ssh-flaw-actively-exploited-targeting-operational-technology-networks-u-v-1-j-q/gD2P6Ple2L