Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw

Cisco is investigating the impact of a recently disclosed Erlang/OTP vulnerability and it has confirmed that several of its products are affected by the critical remote code execution flaw.

It came to light last week that a critical vulnerability allowing device takeover was discovered in the SSH implementation of Erlang/OTP, a collection of libraries, middleware and other tools designed for creating soft real-time systems that require high availability, such as banking, e-commerce, and communications applications.

The flaw, discovered by a team of researchers from Ruhr University Bochum in Germany, is tracked as CVE-2025-32433, and it has been described as an SSH protocol message handling issue that can allow an unauthenticated attacker to gain access to affected systems and execute arbitrary code.

The researchers warned that exploitation can lead to “full compromise of hosts, allowing for unauthorized access to and manipulation of sensitive data by third parties, or denial-of-service ...