Erlang/OTP SSH: Well-known manufacturers affected by critical vulnerability
Erlang/OTP SSH is supplied by many well-known manufacturers. A critical gap therefore also affects Cisco and Ericsson.
(Image: Erstellt mit KI in Bing Creator von heise online / dmk)
The implementation of SSH in Erlang/OTP SSH contains a critical security vulnerability with the highest score: CVSS value 10 out of 10. The vulnerability is easy to attack, and exploit code is already circulating on the Internet. It is now slowly becoming clear which systems are affected – OpenSSH and its descendants are certainly the most widespread. However, Erlang/OTP SSH is also frequently found in large environments.
The IT security researchers at Arctic Wolf have compiled an overview of affected manufacturers and products. Network equipment supplier Ericsson, for example, uses Erlang/OTP SSH in its products that are intended for fault-tolerant, distributed applications, such as switches like AXD301. Ericsson has not yet provided an overview of affected products or assistance in dealing with the vulnerability.
Security gap: Large and well-known manufacturers affected
Cisco is still investigating which systems are affected and has published a security alert – which the company intends to update continuously with new findings. So far, Cisco has listed ConfD and ConfD Basic, Network Services Orchestrator as vulnerable and promises error-corrected software in May 2025. Smart PHY, Intelligent Node Manager and Ultra Cloud Core (Subscriber Microservices Infrastructure) are also vulnerable. Many systems have now also been identified as unaffected, such as IOS, IOS XE, IOX XR, SD-WAN, ISE and others.
Videos by heise
EMQ Technologies is currently one of the other vulnerable providers. Erlang/OTP SSH is not installed by default, but is optionally available at National Instruments, Broadcom (especially RabbitMQ), Very Technology, Apache (CouchDB) and Riak Technologies. Admins must check whether they have installed Erlang/OTP SSH and, if necessary, install the available updates.
It was already known that the vulnerability in Erlang/OTP SSH is critical and easy to attack. The discoverers of the vulnerability from the Ruhr University Bochum had published details of the vulnerability. Until now, however, it was not clear where the software was actually being used and which systems were therefore at risk.
(dmk)
