BeyondMachines :verified:<p>The critical Erlang/OTP SSH flaw actively exploited targeting operational technology networks</p><p>A critical vulnerability (CVE-2025-32433) in Erlang/OTP's SSH implementation allows unauthenticated remote code execution and is being actively exploited against internet-exposed systems, with Palo Alto Networks detecting 275 vulnerable hosts and noting that 70% of exploitation attempts target operational technology networks. Despite patches being available, widespread exploitation continues as organizations struggle to update critical infrastructure systems.</p><p>**If you are running Erlang based SSH service, time to update NOW. Especially in OT networks. Naturally, make sure the OT systems are not exposed to the internet. Then start patching.**<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/attack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>attack</span></a> <a href="https://infosec.exchange/tags/activeexploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activeexploit</span></a><br><a href="https://beyondmachines.net/event_details/the-critical-erlang-otp-ssh-flaw-actively-exploited-targeting-operational-technology-networks-u-v-1-j-q/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/the-critical-erlang-otp-ssh-flaw-actively-exploited-targeting-operational-technology-networks-u-v-1-j-q/gD2P6Ple2L</span></a></p>