KEV · Actively exploited
CVE-2025-32433
CRITICAL 10.0
KEV
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
EPSS
62.85%
exploit likely
percentile 98.4%
CISA Known Exploited Vulnerability
- Added to KEV
- 2025-06-09
- Remediation deadline
- 2025-06-30
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Ransomware
- No