Erlang/OTP SSH CVE-2025-32433 exploitation wave
Exploitation Wave
Summary
Hide ▲
Show ▼
CVE-2025-32433 is being exploited in short, high-intensity bursts against Erlang/OTP SSH servers, creating immediate risk for exposed systems and OT networks. Detection data shows the wave began as early as May 2025 and is heavily concentrated on firewall-visible assets. The flaw is a missing authentication issue that can lead to arbitrary code execution without credentials.
Related Happenings
React Native Metro servers Metro4Shell exploitation wave (CVE-2025-11953)
Exploitation Wave
First: 03.02.2026 16:00
Last: 03.02.2026 16:00
Sources 1
About this happening:
Repeated exploitation of **CVE-2025-11953** is hitting exposed **React Native Metro servers**, creating remote command and payload-delivery risk across a large development-systems...
React Native Metro servers Metro4Shell exploitation wave (CVE-2025-11953)
Exploitation WaveAbout this happening: Repeated exploitation of **CVE-2025-11953** is hitting exposed **React Native Metro servers**, creating remote command and payload-delivery risk across a large development-systems...
HPE OneView actively exploited remote code execution flaw (CVE-2025-37164)
Vulnerability
First: 08.01.2026 09:45
Last: 08.01.2026 09:45
Sources 1
About this happening:
**CVE-2025-37164** in **HPE OneView** is being **actively exploited**, with **Check Point Research** reporting a **Linux-based RondoDox botnet** campaign that escalated in **Janua...
HPE OneView actively exploited remote code execution flaw (CVE-2025-37164)
VulnerabilityAbout this happening: **CVE-2025-37164** in **HPE OneView** is being **actively exploited**, with **Check Point Research** reporting a **Linux-based RondoDox botnet** campaign that escalated in **Janua...
MongoDB CVE-2025-14847 active exploitation worldwide
Exploitation Wave
First: 29.12.2025 09:49
Last: 29.12.2025 09:49
Sources 1
About this happening:
**CVE-2025-14847** is being **actively exploited** against **MongoDB** deployments, putting a global pool of **87,000+** potentially susceptible instances at risk. The wave matter...
MongoDB CVE-2025-14847 active exploitation worldwide
Exploitation WaveAbout this happening: **CVE-2025-14847** is being **actively exploited** against **MongoDB** deployments, putting a global pool of **87,000+** potentially susceptible instances at risk. The wave matter...
Digiever DS-2105 Pro active exploitation wave (CVE-2023-52163)
Exploitation Wave
First: 25.12.2025 10:07
Last: 25.12.2025 10:07
Sources 1
About this happening:
**CVE-2023-52163** is being exploited at scale against **Digiever DS-2105 Pro NVRs**, with multiple reports linking abuse to **Mirai** and **ShadowV2** botnet delivery. The flaw i...
Digiever DS-2105 Pro active exploitation wave (CVE-2023-52163)
Exploitation WaveAbout this happening: **CVE-2023-52163** is being exploited at scale against **Digiever DS-2105 Pro NVRs**, with multiple reports linking abuse to **Mirai** and **ShadowV2** botnet delivery. The flaw i...
Gogs Internet-facing exploitation wave (CVE-2025-8110)
Exploitation Wave
First: 11.12.2025 15:19
Last: 11.12.2025 15:19
Sources 1
About this happening:
**Gogs** servers were caught in a broad **active exploitation wave** that left **more than 700 compromised instances** among **1,400+ exposed servers**. The abuse centered on **CV...
Gogs Internet-facing exploitation wave (CVE-2025-8110)
Exploitation WaveAbout this happening: **Gogs** servers were caught in a broad **active exploitation wave** that left **more than 700 compromised instances** among **1,400+ exposed servers**. The abuse centered on **CV...
Timeline
-
11.08.2025 18:08 1 articles · 9mo ago
Erlang/OTP SSH CVE-2025-32433 exploitation wave
Initial DisclosureIn **May 2025**, attackers began probing and exploiting **CVE-2025-32433** on exposed **Erlang/OTP SSH** servers. Early detections were already skewed toward **OT network firewalls**, showing that industrial environments were in scope from the start.
Show sources
- Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls — thehackernews.com — 11.08.2025 18:08