
Geographically, the footprint of exploitation spread to Japan, America, the Netherlands, Ireland, Brazil and Ecuador; in some regions, 100% of detections targeted OT environments.
“The real danger with CVE-2025-32433 is that it is not only an IT vulnerability: it is affecting the operational technology (OT) network, and it is already actively showing in systems associated with actively important infrastructure,” said April Lenhard, key product manager at Qualys. “Most of the known agreement involves OT assets that control physical processes such as robotics, pumps, valves, or even security systems. Exploitation can change sensor readings, trigger outages, introduce security risks, and cause physical damage.”
Faulty SSH logic led to RCE
The root of the problem is that OTP's SSH daemon processes some Secure Shell (SSH) protocol messages, such as `SSH_MSG_CHANNEL_OPEN` and `SSH_MSG_CHANNEL_REQUEST`, before authentication. Under normal circumstances, such messages should be rejected until valid credentials are confirmed. Instead, OTP's SSH server treats them as valid, enabling remote code execution.
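The pre-authentication check described above, sketched as an added example; it is not code from OTP or from the article. The message numbers come from RFC 4250, and the "80 and higher is an error before authentication" rule from RFC 4252 section 6. `SessionGate`, `frame` and `message_type` are hypothetical names, and the packets in `SAMPLE` are constructed.

```python
import struct

# Message numbers assigned in RFC 4250.
SSH_MSG_KEXINIT = 20
SSH_MSG_USERAUTH_REQUEST = 50
SSH_MSG_CHANNEL_OPEN = 90
SSH_MSG_CHANNEL_REQUEST = 98
FIRST_POST_AUTH_MSG = 80  # RFC 4252 s.6: 80+ before auth completes is an error


def frame(payload: bytes, block: int = 8) -> bytes:
    """Wrap a payload in cleartext SSH binary-packet framing (RFC 4253 s.6)."""
    pad = block - ((5 + len(payload)) % block)
    if pad < 4:  # the RFC requires at least four bytes of padding
        pad += block
    return struct.pack(">IB", 1 + len(payload) + pad, pad) + payload + b"\x00" * pad


def message_type(packet: bytes) -> int:
    """Return the message number of one framed packet after validating lengths."""
    if len(packet) < 6:
        raise ValueError("truncated packet")
    length, pad = struct.unpack(">IB", packet[:5])
    if length != len(packet) - 4 or pad + 1 >= length:
        raise ValueError("inconsistent packet_length/padding_length")
    return packet[5]


class SessionGate:
    """Hypothetical per-connection gate placed in front of message dispatch."""

    def __init__(self) -> None:
        self.authenticated = False  # set only by the server's own auth code

    def decide(self, packet: bytes) -> str:
        try:
            msg = message_type(packet)
        except ValueError:
            return "disconnect"
        if msg >= FIRST_POST_AUTH_MSG and not self.authenticated:
            return "disconnect"  # never reaches the channel handlers
        return "dispatch"


# Constructed sample: key exchange, an auth attempt, then a channel open.
SAMPLE = [frame(bytes([t]) + b"constructed") for t in
          (SSH_MSG_KEXINIT, SSH_MSG_USERAUTH_REQUEST, SSH_MSG_CHANNEL_OPEN)]
```

The gate's `authenticated` flag is flipped by the server when it accepts credentials, never by anything the client sends, so a channel message arriving first ends the connection instead of being dispatched.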

