May 2, 2025 at 09:27PM

CVE-2025-32433: Critical Telecom Vulnerability: No-Auth SSH and AI-Built Exploit.

A critical flaw in Erlang/OTP’s SSH server allows attackers to exploit SSH message handling and execute remote code without authentication.

What is Erlang?
Erlang is a programming language developed by Ericsson in the ’80s, built for telecom systems. It’s still widely used in core networks running SS7, Diameter, SIP, and other signalling functions.

How many deployments are out there?
It’s hard to say. Erlang’s footprint is buried deep in proprietary systems, but it’s likely everywhere in telecoms and critical infrastructure where uptime and concurrency matter.

So what can a hacker do?
By exploiting CVE-2025-32433, a hacker can gain unauthenticated access, execute code, install malware or backdoors, exfiltrate data, disrupt services and move laterally across telecom or backend systems.

What to do?
If you’re in telecom or critical infrastructure, assume you’re affected unless proven otherwise. Ask your vendors, focusing first on internal platforms using Erlang/OTP SSH. Patch, disable or segment: don’t leave SSH listeners open if you don’t need them.
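To turn "assume you're affected unless proven otherwise" into a follow-up list, the added example below (not part of the original post) classifies SSH greetings collected from listeners you operate and flags the ones that identify as Erlang/OTP. It assumes the Erlang SSH daemon's default identification string, `SSH-2.0-Erlang/<version>`; the addresses and version numbers are constructed sample data.

```python
import re
import socket

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF"
ID_RE = re.compile(r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")

def parse_ident(raw: bytes):
    """Return (proto, software, comments) from a server greeting, or None.
    A server may send other lines before its identification string, so scan for it."""
    for line in raw.split(b"\n"):
        m = ID_RE.match(line.rstrip(b"\r").decode("ascii", "replace"))
        if m:
            return m.group("proto"), m.group("software"), m.group("comments")
    return None

def classify(raw: bytes) -> str:
    ident = parse_ident(raw)
    if ident is None:
        return "not-ssh"
    # Assumption: the Erlang/OTP ssh daemon keeps its default "Erlang/<version>" banner.
    # The banner is configurable, so "other-ssh" alone does not prove a host is unaffected.
    return "erlang-ssh" if ident[1].lower().startswith("erlang") else "other-ssh"

def grab_banner(host: str, port: int, timeout: float = 3.0) -> bytes:
    """Read the greeting from a listener you operate; nothing is sent to it."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        return s.recv(512)

def review(inventory: dict) -> list:
    """inventory maps (host, port) to greeting bytes; return the listeners to follow up on."""
    return sorted(k for k, raw in inventory.items() if classify(raw) == "erlang-ssh")

# Constructed sample greetings (documentation addresses, made-up versions).
SAMPLE = {
    ("192.0.2.5", 22): b"SSH-2.0-OpenSSH_9.6\r\n",
    ("192.0.2.7", 2222): b"SSH-2.0-Erlang/5.1.4\r\n",
    ("192.0.2.9", 830): b"maintenance notice\r\nSSH-2.0-Erlang/4.15 netconf\r\n",
    ("192.0.2.11", 8080): b"HTTP/1.1 400 Bad Request\r\n",
}

if __name__ == "__main__":
    for host, port in review(SAMPLE):
        print(f"{host}:{port} Erlang/OTP SSH listener: ask the vendor, patch, disable or segment")
```

For a live inventory, build the dictionary with `grab_banner` over your own asset list and treat every flagged listener as affected until the vendor confirms otherwise.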

The AI angle and how the exploit was created
Initially, researchers at Ruhr University Bochum published an advisory noting a flaw in decode_packet. That alone was enough for another researcher to:
1. Use AI to analyze Erlang’s SSH packet parsing.
2. Trace the logic to spot the vulnerability.
3. Build a working PoC showing remote code execution.
All from public info + AI: no private patch, no insider access.

Credits to Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Joerg Schwenk from Ruhr University Bochum for the research, and bravo to Matthew K. for crafting the PoC using AI.

Source: LinkedIn | Dmitry