vulnerability
SUSE: CVE-2025-32433: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Apr 22, 2025 | Dec 5, 2025 | Dec 5, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Apr 22, 2025
Added
Dec 5, 2025
Modified
Dec 5, 2025
Description
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
Solutions
suse-upgrade-erlangsuse-upgrade-erlang-debuggersuse-upgrade-erlang-debugger-srcsuse-upgrade-erlang-dialyzersuse-upgrade-erlang-dialyzer-srcsuse-upgrade-erlang-diametersuse-upgrade-erlang-diameter-srcsuse-upgrade-erlang-docsuse-upgrade-erlang-epmdsuse-upgrade-erlang-etsuse-upgrade-erlang-et-srcsuse-upgrade-erlang-jinterfacesuse-upgrade-erlang-jinterface-srcsuse-upgrade-erlang-observersuse-upgrade-erlang-observer-srcsuse-upgrade-erlang-reltoolsuse-upgrade-erlang-reltool-srcsuse-upgrade-erlang-srcsuse-upgrade-erlang-wxsuse-upgrade-erlang-wx-srcsuse-upgrade-erlang26suse-upgrade-erlang26-debuggersuse-upgrade-erlang26-debugger-srcsuse-upgrade-erlang26-dialyzersuse-upgrade-erlang26-dialyzer-srcsuse-upgrade-erlang26-diametersuse-upgrade-erlang26-diameter-srcsuse-upgrade-erlang26-docsuse-upgrade-erlang26-epmdsuse-upgrade-erlang26-etsuse-upgrade-erlang26-et-srcsuse-upgrade-erlang26-jinterfacesuse-upgrade-erlang26-jinterface-srcsuse-upgrade-erlang26-observersuse-upgrade-erlang26-observer-srcsuse-upgrade-erlang26-reltoolsuse-upgrade-erlang26-reltool-srcsuse-upgrade-erlang26-srcsuse-upgrade-erlang26-wxsuse-upgrade-erlang26-wx-src
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.