Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server

On April 16, 2025, a critical vulnerability in the Erlang/OTP SSH server was disclosed. This vulnerability could allow an unauthenticated, remote attacker to perform remote code execution (RCE) on an affected device. The vulnerability is due to a flaw in the handling of SSH messages during the authentication phase. For a description of this vulnerability, see the Erlang announcement. This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy Security Impact Rating: Critical CVE: CVE-2025-32433
http://news.poseidon-us.com/TKJn84

Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server

Like this:

Related

More Posts

ISC Stormcast For Wednesday, April 23rd, 2025 https://isc.sans.edu/podcastdetail/9420, (Wed, Apr 23rd)

Honeypot Iptables Maintenance and DShield-SIEM Logging, (Wed, Apr 23rd)

Using ChatGPT, students might pass a course, but with a cost

Brain-inspired AI breakthrough: Making computers see more like humans

Air Force lacks critical skills in digital fluency, data analysis

Air Force lacks critical skills in digital fluency, data analysis

NSW Rural Fire Service fits Starlink to its first 53 vehicles

Redefining public trust: How digital identity can transform U.S. government services

Redefining public trust: How digital identity can transform U.S. government services

Share this:

Like this:

Related

More Posts