Erlang/OTP SSH Exploits Spiked After April Patch

Majority of Attacks Target Operational Technology Networks Prajeet Nair (@prajeetspeaks) • August 13, 2025

Exploitation attempts against a severe vulnerability in a runtime system widely deployed in operational technology environments spiked globally in the days after open-source maintainers of the Erlang/OTP project published a patch.

See Also: What Manufacturing Leaders Are Learning About Cloud Security - from Google’s Frontline

Researchers from Palo Alto Network's Unit 42 said Monday they saw a "significant increase in exploitation activity" targeting the vulnerability starting roughly two weeks after it became public in mid-April. Telemetry collected from May 1 through May 9 showed that 70% of detected exploit activity originated in firewalls protection OT networks, Unit 42 said.

Tracked as CVE-2025-32433 with a maximum CVSS score of 10, the vulnerability lets attackers take full control of systems through an flaw in how the embedded Erlang secure shell processes messages. Its ...