Ddos 
A critical remote code execution (RCE) vulnerability tracked as CVE-2025-32433 has disclosed. This flaw resides in the Erlang/OTP SSH server and affects a number of Cisco products that rely on the platform for secure communications. With a maximum CVSS score of 10, the vulnerability allows unauthenticated remote attackers to execute arbitrary code on impacted devices.
Disclosed on April 16, 2025, the vulnerability stems from “a flaw in the SSH protocol message handling which allows an attacker to send connection protocol messages prior to authentication,” as reported on the OpenWall security mailing list. This flaw opens the door for attackers to bypass authentication and gain unauthorized access to vulnerable systems.
Versions 25.3.2.10 and 26.2.4 of Erlang/OTP have patched the issue. However, due to the widespread use of Erlang/OTP in telecom infrastructure, databases, and high-availability systems, immediate patch deployment may not be feasible for all organizations.
Cisco is actively investigating its product lines to assess exposure. Currently, confirmed vulnerable products include:
| Cisco Product | Cisco Bug ID | Fixed Release Available |
|---|---|---|
| Network Application, Service, and Acceleration | ||
| ConfD, ConfD Basic | CSCwo83759 | May 2025 |
| Network Management and Provisioning | ||
| Network Services Orchestrator (NSO) | CSCwo83796 | May 2025 |
In addition, the following products are under investigation:
- Cyber Vision
- Smart PHY
- Virtual Topology System (VTS)
- Virtualized Infrastructure Manager
- WAE Automation
- ASR 5000 Series Routers (StarOS)
- Catalyst Center (formerly DNA Center)
- Expressway and TelePresence VCS
- Small Business RV Series Routers
- Intelligent Node Software
- Ultra Cloud Core – Policy Control Function
- Ultra Cloud Core – Subscriber Microservices Infrastructure
Cisco emphasizes that “The Cisco PSIRT is not aware of any malicious use of the vulnerability“ so far. However, the presence of public exploits means that organizations must act swiftly to assess and mitigate their risk.
Donate