The SonicWall Capture Labs threat research team became aware of a pre-authentication vulnerability in Erlang/OTP (Open Telegram Platform) SSH server implementation, assessed its impact, and developed mitigation measures.
Erlang/OTP is a known toolkit used to build scalable, fault-tolerant systems such as telecommunications, messaging platforms, IoT infrastructure and financial services. It is used by organizations like Ericsson, Cisco and WhatsApp. Identified as CVE-2025-32433, Erlang/OTP SSH vulnerable versions include OTP 27.3.2 and earlier, OTP 26.2.5.10 and earlier, OTP 25.3.2.19 and earlier, and versions from OTP 17.0 and older. These vulnerable versions allow an attacker to be authenticated, verified and logged in as users because the server fails to properly reject certain types of protocol messages that are sent before the authentication phase of the SSH handshake.
Read more…
Source: Sonicwall
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Chinese engineer stole US military and NASA software for years
April 28, 2026
International espionage isn’t always about sophisticated malware and zero-day bugs. Sometimes it’s as simple as pretending to be someone else asking for a favor. For four years, a Chinese aerospace engineer did just that. Dozens of researchers at NASA, the US military, and major universities handed him exactly what he asked for, and possibly violated US ...
- ADT confirms cyber intrusion after ShinyHunters extortion attempt
April 27, 2026
A home security biz getting digitally burgled is not a great look – but that’s exactly where ADT finds itself. The company has confirmed a cyber intrusion following an extortion attempt by the ShinyHunters crew, which claims to have made off with more than 10 million records. US-based ADT is one of the world’s largest providers ...
- Attackers use hidden SMS and signalling systems to track targets’ location
April 24, 2026
Security researchers have just unveiled details of two covert surveillance campaigns that exploit weaknesses in the global telecom infrastructure. In a report published on Thursday, Citizen Lab explains that attackers abuse the signalling systems mobile operators use to support roaming, route messages, and locate devices on the network. The weaknesses were used to track certain subscribers ...
- Governments on high alert after CISA snuffs out Firestarter backdoor on fed network
April 24, 2026
A US federal agency was successfully targeted by a previously unknown backdoor malware called Firestarter, according to CISA cybersnoops and their UK counterparts – neither of which disclosed the agency’s name. Federal Civilian Executive Branch (FCEB) agencies include NASA; Homeland Security itself (cyberworkers at CISA are part of an operational unit in Homeland Security); the FBI; the DoJ; the IRS; the ...
- PhantomRPC: A new privilege escalation technique in Windows Remote Procedure Call
April 24, 2026
Windows Interprocess Communication (IPC) is one of the most complex technologies within the Windows operating system. At the core of this ecosystem is the Remote Procedure Call (RPC) mechanism, which can function as a standalone communication channel or as the underlying transport layer for more advanced interprocess communication technologies. Because of its complexity and widespread ...
- Researchers find cyber-sabotage malware that may predate Stuxnet by five years
April 24, 2026
Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at sabotage, and suggests it was created years before the Stuxnet worm that aimed to destroy Iran’s uranium enrichment centrifuges. The company’s Vitaly Kamluk discussed the malware in a talk at the Black Hat Asia ...