vulnerability
FreeBSD: VID-06269ae8-1e0d-11f0-ad0b-b42e991fc52e (CVE-2025-32433): Erlang -- Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Apr 20, 2025 | Apr 22, 2025 | Dec 10, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Apr 20, 2025
Added
Apr 22, 2025
Modified
Dec 10, 2025
Description
[email protected] reports: Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
Solutions
freebsd-upgrade-package-erlangfreebsd-upgrade-package-erlang-runtime21freebsd-upgrade-package-erlang-runtime22freebsd-upgrade-package-erlang-runtime23freebsd-upgrade-package-erlang-runtime24freebsd-upgrade-package-erlang-runtime25freebsd-upgrade-package-erlang-runtime26freebsd-upgrade-package-erlang-runtime27
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.