Serial number: AV25-232
Date: April 24, 2025
On April 16, 2025, Erlang published a security advisory to address a critical vulnerability in the following products:
- OTP – versions OTP-27.3.2 and prior
- OTP – versions OTP-26.2.5.10 and prior
- OTP – versions OTP-25.3.2.19 and prior
This vulnerability allows unauthenticated RCE.
Open-source reporting has indicated that CVE-2025-32433 may have been exploited.
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.