The SonicWall Capture Labs threat research team became aware of a pre-authentication vulnerability in Erlang/OTP (Open Telegram Platform) SSH server implementation, assessed its impact, and developed mitigation measures.
Erlang/OTP is a known toolkit used to build scalable, fault-tolerant systems such as telecommunications, messaging platforms, IoT infrastructure and financial services. It is used by organizations like Ericsson, Cisco and WhatsApp. Identified as CVE-2025-32433, Erlang/OTP SSH vulnerable versions include OTP 27.3.2 and earlier, OTP 26.2.5.10 and earlier, OTP 25.3.2.19 and earlier, and versions from OTP 17.0 and older. These vulnerable versions allow an attacker to be authenticated, verified and logged in as users because the server fails to properly reject certain types of protocol messages that are sent before the authentication phase of the SSH handshake.
Read more…
Source: Sonicwall
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Retro tech leaves NHS open to cyber-attacks, say researchers
August 20, 2018
Hackers could gain access to NHS networks by exploiting vulnerabilities in fax machines, security researchers have suggested. Staff at Check Point Software discovered exploits in widely-used fax machines that enable hackers to spread malware through a malicious image file. Malware can be coded into the image file which, when decoded by the fax machine and uploaded to its ...
- Cyber security threat to Britain’s oil and gas sites as attack could cause ‘unprecedented damage’
August 17, 2018
Brian Lord OBE says a successful attack on its infrastructure could cause “unprecedented damage” and “unrest across the world”. With a complex ecosystem of computation, networking, and physical operational processes spread around the world the industry has a large attack surface with many attack vectors. A typical large oil and gas company uses half a million processors ...
- FBI Warns Of ATM Hacking Campaign
August 16, 2018
The FBI has warned banks that cybercriminals are preparing to carry out a “highly choreographed, global fraud scheme known as an ‘ATM cash-out’.” The threat, reported by Krebs On Security cybersecurity blog, will apparently see criminals hacking a bank or payment card processor, and using cloned cards at ATMs around the world to fraudulently withdraw “millions of ...
- Researchers Disclose New Foreshadow (L1TF) Vulnerabilities Affecting Intel CPUs
August 14, 2018
Academics and private sector researchers have revealed details today about three new vulnerabilities affecting Intel CPUs. All three are Spectre-class attacks that take advantage of a CPU design feature named speculative execution —a feature found in all modern CPUs that has the role of improving performance by computing operations in advance and later discarding unneeded data. These flaws target ...
- Postmortem of a Compromised MikroTik Router
August 14, 2018
Cryptocurrency coinminers are the new ransomware and malicious actors have already pounced on the opportunity to make their fortune. Symantec has been tracking a large-scale coin-mining campaign which, as per Shodan, has currently infected about 157,000 MikroTik routers. Researchers discovered this coin-mining campaign in early August 2018. The campaign was initially concentrated in Brazil; however, it soon began ...
- Victims Lose Access to Thousands of Photos as Instagram Hack Spreads
August 14, 2018
In a probable quest to build a botnet, someone is hacking Instagram accounts, deleting handles, avatars and personal details, and linking them to a new email address. An Instagram hack is spreading across the internet, with increasing numbers of victims finding their accounts hijacked and personal details altered — and account recovery so far impossible. Read more… Source: ...