Cisco is investigating the impact of the Erlang/OTP remote code execution vulnerability CVE-2025-32433 on its products.
April 24, 2025 By Eduard Kovacs
Cisco is investigating the impact of a recently disclosed Erlang/OTP vulnerability and it has confirmed that several of its products are affected by the critical remote code execution flaw.
It came to light last week that a critical vulnerability allowing device takeover was discovered in the SSH implementation of Erlang/OTP, a collection of libraries, middleware and other tools designed for creating soft real-time systems that require high availability, such as banking, e-commerce, and communications applications.
The flaw, discovered by a team of researchers from Ruhr University Bochum in Germany, is tracked as CVE-2025-32433, and it has been described as an SSH protocol message handling issue that can allow an unauthenticated attacker to gain access to affected systems and execute arbitrary code.