CVE-2025-32433

KEV
Published: Apr 16, 2025 Last Modified: Nov 04, 2025
CRITICAL 10.0
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: changed
Confidentiality: high
Integrity: high
Availability: high

Description

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or preventing access via firewall rules.

EPSS (Exploit Prediction Scoring System)

Predicts the probability of exploitation based on threat intelligence and vulnerability characteristics.

EPSS Score: 0.4392
Percentile: 1.0th

CWE-306: Missing Authentication for Critical Function

Draft
Common Consequences
Security Scopes Affected: Access Control, Other
Potential Impacts: Gain Privileges or Assume Identity, Varies by Context
Applicable Platforms
Technologies: Cloud Computing, ICS/OT
Application

Network Services Orchestrator by Cisco

Version Range Affected
From 5.8 (inclusive)
To 6.1.16.2 (exclusive)
cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Ultra Packet Core by Cisco

Version Range Affected
To 2025.03 (exclusive)
cpe:2.3:a:cisco:ultra_packet_core:*:*:*:*:*:*:*:*
Operating System

Rv345P Firmware by Cisco

cpe:2.3:o:cisco:rv345p_firmware:-:*:*:*:*:*:*:*
Application

Optical Site Manager by Cisco

Version Range Affected
To 25.2.1 (exclusive)
cpe:2.3:a:cisco:optical_site_manager:*:*:*:*:*:*:*:*
Operating System

Rv260W Firmware by Cisco

cpe:2.3:o:cisco:rv260w_firmware:-:*:*:*:*:*:*:*
Application

Erlang/OTP by Erlang

Version Range Affected
From 27.0 (inclusive)
To 27.3.3 (exclusive)
cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
Application

Ultra Services Platform by Cisco

cpe:2.3:a:cisco:ultra_services_platform:-:*:*:*:*:*:*:*
Application

Confd Basic by Cisco

Version Range Affected
From 8.4 (inclusive)
To 8.4.4.1 (exclusive)
cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*
Operating System

Rv260P Firmware by Cisco

cpe:2.3:o:cisco:rv260p_firmware:-:*:*:*:*:*:*:*
Operating System

Ncs 2000 Shelf Virtualization Orchestrator Firmware by Cisco

Version Range Affected
To 25.1.1 (exclusive)
cpe:2.3:o:cisco:ncs_2000_shelf_virtualization_orchestrator_firmware:*:*:*:*:*:*:*:*
Application

Ultra Cloud Core by Cisco

Version Range Affected
To 2025.03.1 (exclusive)
cpe:2.3:a:cisco:ultra_cloud_core:*:*:*:*:*:*:*:*
Application

Erlang/OTP by Erlang

Version Range Affected
From 26.0 (inclusive)
To 26.2.5.11 (exclusive)
cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
Application

Network Services Orchestrator by Cisco

Version Range Affected
From 6.2 (inclusive)
To 6.2.11.1 (exclusive)
cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*
Application

Confd Basic by Cisco

Version Range Affected
From 8.2 (inclusive)
To 8.2.11.1 (exclusive)
cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*
Application

Network Services Orchestrator by Cisco

Version Range Affected
From 6.4 (inclusive)
To 6.4.1.1 (exclusive)
cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*
Application

Confd Basic by Cisco

Version Range Affected
From 8.3 (inclusive)
To 8.3.8.1 (exclusive)
cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*
Operating System

Rv340W Firmware by Cisco

cpe:2.3:o:cisco:rv340w_firmware:-:*:*:*:*:*:*:*
Application

Network Services Orchestrator by Cisco

Version Range Affected
From 6.3 (inclusive)
To 6.3.8.1 (exclusive)
cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*
Application

Confd Basic by Cisco

Version Range Affected
From 8.0.18 (inclusive)
To 8.1.16.2 (exclusive)
cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*
Application

Confd Basic by Cisco

Version Range Affected
To 7.7.19.1 (exclusive)
cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*
Application

Network Services Orchestrator by Cisco

Version Range Affected
From 6.4.2 (inclusive)
To 6.4.4.1 (exclusive)
cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*
Application

Enterprise Nfv Infrastructure Software by Cisco

Version Range Affected
To 4.18 (exclusive)
cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software:*:*:*:*:*:*:*:*
Operating System

Rv260 Firmware by Cisco

cpe:2.3:o:cisco:rv260_firmware:-:*:*:*:*:*:*:*
Application

Inode Manager by Cisco

cpe:2.3:a:cisco:inode_manager:-:*:*:*:*:*:*:*
Operating System

Rv160 Firmware by Cisco

cpe:2.3:o:cisco:rv160_firmware:-:*:*:*:*:*:*:*
Application

Network Services Orchestrator by Cisco

Version Range Affected
To 5.7.19.1 (exclusive)
cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*
Operating System

Staros by Cisco

Version Range Affected
To 2025.03 (exclusive)
cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*
Application

Smart Phy by Cisco

Version Range Affected
To 25.2 (exclusive)
cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*
Operating System

Rv160W Firmware by Cisco

cpe:2.3:o:cisco:rv160w_firmware:-:*:*:*:*:*:*:*
Application

Erlang/OTP by Erlang

Version Range Affected
To 25.3.2.20 (exclusive)
cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
Operating System

Rv345 Firmware by Cisco

cpe:2.3:o:cisco:rv345_firmware:-:*:*:*:*:*:*:*
Application

Cloud Native Broadband Network Gateway by Cisco

Version Range Affected
To 2025.03.1 (exclusive)
cpe:2.3:a:cisco:cloud_native_broadband_network_gateway:*:*:*:*:*:*:*:*
Operating System

Debian Linux by Debian

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Operating System

Rv340 Firmware by Cisco

cpe:2.3:o:cisco:rv340_firmware:-:*:*:*:*:*:*:*
https://github.com/ProDefense/CVE-2025-32433/blob/main/CVE-2025-32433.py
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/c…
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025…
https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html
https://security.netapp.com/advisory/ntap-20250425-0001/
http://www.openwall.com/lists/oss-security/2025/04/16/2
http://www.openwall.com/lists/oss-security/2025/04/18/1
http://www.openwall.com/lists/oss-security/2025/04/18/2
http://www.openwall.com/lists/oss-security/2025/04/18/6
http://www.openwall.com/lists/oss-security/2025/04/19/1
https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12
https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f
https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891
https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2