AI description
CVE-2025-32433 is a vulnerability found in the Erlang/OTP SSH server. It stems from a flaw in the SSH protocol message handling, which allows an attacker with network access to execute arbitrary code on the server without authentication. Specifically, the vulnerability enables a malicious actor to send connection protocol messages before authentication takes place. Successful exploitation could lead to full compromise of the host, unauthorized access, manipulation of sensitive data, or denial-of-service attacks.
- Description
- Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability
- Exploit added on
- Jun 9, 2025
- Exploit action due
- Jun 30, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- security-advisories@github.com
- CWE-306
- Hype score
- Not currently trending
Heads up, system administrators and security professionals! CISA added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These flaws, found in Erlang/OTP and Roundcube Webmail, are being actively exploited in the wild. 🚨CVE-2025-32433 CVSS 10.
@cytexsmb
11 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 STRIKE Threat Intel Advisory – CVE-2025-32433 🚨 SecurityScorecard’s STRIKE team is tracking active exposure of CVE-2025-32433 — a critical-severity vulnerability affecting Erlang OTP with a CVSS score of 10.0. On June 9, 2025, this vulnerability was added to CIS
@security_score
10 Jun 2025
122 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32433: Remote Code Execution in Erlang/OTP SSH Server ثغرة أمنية خطيرة في خادم Erlang/OTP SSH server، قد تتيح للمهاجم تنفيذ أوامر عن بُعد (RCE) دون مصادقة. من خلال استغلال خلل في معالجة
@mghamdiah1
10 Jun 2025
87 Impressions
0 Retweets
3 Likes
0 Bookmarks
2 Replies
0 Quotes
CISA adds critical vulnerabilities CVE-2025-32433 & CVE-2024-42009 to KEV catalog—impacting Erlang/OTP SSH & Roundcube Webmail. Exploits could lead to remote commands & email theft. Federal agencies must patch promptly ⚠️ #Erlang #Firefox #US https://t.co/ZocOD9
@TweetThreatNews
10 Jun 2025
76 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📌 أضافت وكالة الأمن السيبراني والبنية التحتية الأمريكية (CISA) flawين أمان مهمين تؤثران على SSH في Erlang/Open Telecom Platform وRoundcube إلى سجل الثغرات المعروف التي تم استغل
@Cybercachear
10 Jun 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
米国サイバーセキュリティ・社会基盤安全保障庁(CISA)の既知の悪用された脆弱性カタログに、Erlang/OTPのCVE-2025-32433とRoundCubeのCVE-2024-42009が追加。対処期限は通常の6/30で、ランサムウェア悪用は不知。 また、For
@__kokumoto
9 Jun 2025
1104 Impressions
0 Retweets
6 Likes
2 Bookmarks
1 Reply
0 Quotes
🛡️ We added RoundCube Webmail and Erlang/OTP vulnerabilities CVE-2024-42009 & CVE-2025-32433 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/
@CISACyber
9 Jun 2025
7590 Impressions
21 Retweets
43 Likes
4 Bookmarks
1 Reply
0 Quotes
🪵 Log # 45/100: A beginners guide to CVE-2025-32433..A thread 🧵 : Let’s break down CVE-2025-32433 in a way that makes sense, even if you’re just starting out in security. 🧠 What happened? A vulnerability was discovered in Erlang/OTP’s SSH server that lets an atta
@ElementMerc
4 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🪵 Log # 43/100: Weekly TryHackMe Update Over the past week, I did some rooms on TryHackMe, including: 🔹 Intro to Pipeline Automation 🔹 Mobile Acquisistion 🔻 Erlang/OTP SSH: CVE-2025-32433 🔻 The Lay of the Land 🔻 Printer Hacking 101 🔻 Enumeration https://t.c
@ElementMerc
2 Jun 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
💥 Thanks for joining VKB Series #2! Arthur Raout broke down CVE-2025-32433, a critical RCE in Erlang/OTP. Missed it? Watch here: https://t.co/ciaEcn17E2 #VKBSeries #CVE202532433 #P1Security https://t.co/cZSGuvHzZg
@p1security
29 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
お疲れ様です🫡 Cisco公式から既知の脆弱性 『CVE-2025-32433』 に対する更新が行われたため、ツリー形式で概要とワークアラウンドなどをポストします なお、今回の脆弱性のCVSSスコアは10.0でCriticalの判定が出
@esunekk
29 May 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
RCE in Erlang/OTP SSH (CVE-2025-32433) → unauthenticated remote code exec risk! Join us May 28 at 15:00 CET. 🎥 Register: https://t.co/ciaEcn1FtA #infosec https://t.co/aH2XkyWn30
@p1security
13 May 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-32433: RCE in Erlang/OTP's SSH server. Exploitable w/o auth, PoC published April 17. Cisco products affected. Patch now! #RCE #Erlang #Cisco ➡️ https://t.co/CiQmaumsj0 https://t.co/Xf2ct6RlHR
@leonov_av
12 May 2025
110 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
12 May 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
ペネトレーションテストツールMetasploitが大規模更新。Erlang/OTP SSHのCVE-2025-32433やSante PACS ServerのCVE-2025-2264に対応する攻撃コード、OPNSenseファイアウォールへの総当りログインスキャナ、SMB-to-HTTPリレー攻撃の追
@__kokumoto
12 May 2025
5182 Impressions
23 Retweets
89 Likes
46 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
11 May 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
10 May 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
ثغرة #RCE CVE-2025-32433 في خادم Erlang/OTP #SSH! تهديد باكتساب امتيازات الجذر والاستيلاء على النظام دون مصادقة. ☑️استبيان الخادم: ”SSH-2.0-Erlang“ ☑️الاصدار المعدل: OTP 27.3.3.3
@CriminalIP_AR
9 May 2025
30 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32433, Erlang/OTP #SSH 서버 #RCE 취약점! 인증 없이 루트 권한 탈취 및 시스템 장악의 위협에 노출될 수 있습니다. ☑️SSH 서버 탐색 쿼리: “SSH-2.0-Erlang” ☑️패치 버전: OTP 27.3.3 / 26.2.5.11 / 25.3.2.20 이상 취약한 S
@CriminalIP_KR
9 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
8 May 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨#CVE-2025-32433 Alert! Erlang/OTP #SSH servers may allow unauthenticated root access😬 ☑️ https://t.co/JaUDfGyEMe Query: “SSH-2.0-Erlang” ☑️ Patch now: OTP 27.3.3 / 26.2.5.11 / 25.3.2.20 + Don't let them in. Lock it down. 👉https://t.co/jmzTiZUgjg https://t.c
@CriminalIP_US
8 May 2025
168 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
🚨CVE-2025-32433💣 MD5 c3254c8882483b5934ea8c6c0857fb4e 2a049cf0d370d9501b5844767b431265 c048c45cc4dff2ce5e808db0eae98a6d 870ba614a3e150339f7dc3ae92fdd530 c440f6d24989de4b92f9d9cf3bc5ae6a 184.27.218.92 123.45.67.89 #infosec #security #CVE #exploit #malware #OSINT #ransomwa
@RakeshKrish12
7 May 2025
1247 Impressions
5 Retweets
21 Likes
3 Bookmarks
0 Replies
0 Quotes
''How I Used AI to Create a Working Exploit for CVE-2025-32433 Before Public PoCs Existed'' #infosec #pentest #redteam #blueteam https://t.co/0Gfyjc9p01
@CyberWarship
6 May 2025
1724 Impressions
5 Retweets
16 Likes
18 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
6 May 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
5 May 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
5 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Erlang/OTP SSH の深刻な脆弱性 CVE-2025-32433:PoC がリリース https://t.co/df4AsLkjqW Erlang/OTP SSH の脆弱性 CVE-2025-32433 ですが、PoC がリリースされたとのことです。OTP は Open Telecom Platform
@iototsecnews
5 May 2025
117 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
AIがCVEを数時間でエクスプロイトに変換:CVE-2025-32433の事例 | Codebook|Security News https://t.co/yYBjXsvhH1
@fd0
4 May 2025
127 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-3776 2 - CVE-2024-26809 3 - CVE-2025-46337 4 - CVE-2025-26529 5 - CVE-2025-32433 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
4 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 PoC CVE-2025-32433: RCE en Erlang/OTP SSH 🔍 Una vulnerabilidad crítica en el servidor SSH de Erlang/OTP permite ejecución remota de código sin autenticación. Afecta versiones anteriores a OTP-27.3.3, 26.2.5.11 y 25.3.2.20. https://t.co/E9CaZo5oB1
@tpx_Security
3 May 2025
101 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVSS 10.0 ALERT: Remote Code Execution in Erlang/OTP SSH (CVE-2025-32433) No auth. Full control. Widespread impact. Used in Cisco, Ericsson, OT/IoT, and edge systems, this bug lets attackers run code without logging in. If SSH runs as root? Game over. 👀 https://t.co/wX
@achi_tech
2 May 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨PoC CVE-2025-32433: Critical Erlang/OTP SSH RCE Vulnerability Credit: https://t.co/PzeVH94Dh5 https://t.co/t0pVzUzlBI
@DarkWebInformer
2 May 2025
8527 Impressions
13 Retweets
66 Likes
30 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-32433 - Vulnerabilidad Crítica de Ejecución Remota de Código en el Servidor SSH de Erlang/OTP 🚨 🔴 Nivel de Urgencia: Crítico https://t.co/q71tzF84U2
@BanCERT_gt
2 May 2025
17 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
29 Apr 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 AI used to create a working exploit for CVE-2025-32433 [https://t.co/c8PsvnLJWh]. With AI’s rapid evolution in coding, this is just the start. Automate patch management or your security will be outdated by 2025. #AI #CyberSecurity
@Cuore_talen
29 Apr 2025
41 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
People are using AI to create working exploits before a public PoC is available 🔥 Case in point: CVE-2025-32433 exploit by Matthew Keeley https://t.co/vrEPxbNjtu #bugbountytips #cybersecurity https://t.co/gZKfd502Nm
@payloadartist
29 Apr 2025
5408 Impressions
19 Retweets
111 Likes
54 Bookmarks
2 Replies
0 Quotes
🚨 CVE-2025-32433: Erlang/OTP SSH servers can be hijacked remotely! 🔓 Unauthenticated RCE | AI-generated PoCs in hours 🛠 Patch OTP-27.3.3/26.2.5.11/25.3.2.20 NOW 🔗 Details: https://t.co/wycqaGQQ7g #Security https://t.co/kFAXJqzQGN
@Cezar_H_Linux
29 Apr 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 Cisco investigates critical CVE-2025-32433 vulnerability in Erlang/OTP affecting ConfD, NSO, Smart PHY, Intelligent Node Manager, and Ultra Cloud Core. #CyberSecurity #Cisco https://t.co/9hr7E7zSct https://t.co/CePLxnkcCd
@CyberHub_blog
29 Apr 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
28 Apr 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A critical RCE vulnerability, CVE-2025-32433, has been discovered in Cisco products using Erlang/OTP's SSH server, posing severe risks to enterprise networks and telecom systems. With a CVSS score of 10.0, the flaw allows attackers to execute arbitrary code without authenticat...
@CybrPulse
26 Apr 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Crazy CVE-2025-32433 unauth RCE patch that junk or rip https://t.co/hao55KnfJO
@0xnorbit44133
25 Apr 2025
23 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
The AI arms race in cybersecurity is escalating 🚨 Generative AI (like GPT-4 & Google’s LLMs) now accelerates exploit development—turning vulnerabilities into weaponized code within *hours*. Case in point: CVE-2025-32433 in Erlang’s SSH library was reverse-engineer
@ArmanMkhit35108
25 Apr 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
シスコ、一部製品が重大なErlang/OTPの欠陥に影響を受けていることを確認(CVE-2025-32433) https://t.co/8bFCFvQ6qP #Security #セキュリティ #ニュース
@SecureShield_
25 Apr 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
25 Apr 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Cisco Confirms Exposure to Critical RCE Bug CVE-2025-32433 in Erlang/OTP SSH affects Cisco products like ConfD & NSO. Exploitable, public PoC out, patches coming May. Cisco says configs prevent RCE—but eyes on OT/IoT risk. https://t.co/xBSWokDpAK #CyberSecurity #Cisco #
@dCypherIO
24 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
NVD - CVE-2025-32433 - Fixed in OTP 27.3.3, OTP 26.2.5.11, and OTP 25.3.2.20 https://t.co/MM7ILs3PCh Discussions: https://t.co/fthBgVKz0w #erlang #programming
@ErlangDiscu
24 Apr 2025
138 Impressions
2 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32433: Erlang/OTP SSH Unauthenticated Remote Code Execution Vulnerability https://t.co/07SAy6wF62 https://t.co/ApDa07Sdpf
@IT_Peurico
24 Apr 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
YouTube video walk through for TryHackMe room Erlang/OTP SSH: CVE-2025-32433 Link in first comment: ⤵️⤵️⤵️🦜🦜 https://t.co/5YHLYTxIJx
@DjalilAyed
24 Apr 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Cisco confirms: ConfD, NSO, Smart PHY & more hit by CVE-2025-32433. No RCE risk yet, but PoC exploit is out. Erlang-based systems across network & industrial gear now under the spotlight. Details: https://t.co/3dbVIeCtwb
@TheHackersNews
24 Apr 2025
8608 Impressions
33 Retweets
50 Likes
14 Bookmarks
0 Replies
2 Quotes
Based on publicly-available information, the following applications are known to utilize Erlang OTP, which may suggest that they are vulnerable to CVE-2025-32433. #EndCyberRisk https://t.co/LJGJXfwMes
@de_do20
24 Apr 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E83BFB53-C1CC-4F9E-9794-EE0057EE770B",
"versionEndExcluding": "25.3.2.20"
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4842AC3A-E1AE-491A-AFCE-F3669397CA82",
"versionEndExcluding": "26.2.5.11",
"versionStartIncluding": "26.0"
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36383ED9-EA7D-4AFF-B2C7-1FFD16207C54",
"versionEndExcluding": "27.3.3",
"versionStartIncluding": "27.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FD911AA-C8F6-4109-A3B4-602AEAF2C77D",
"versionEndExcluding": "7.7.19.1"
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B6F7512-CAC2-42DE-B150-D56AE6F78053",
"versionEndExcluding": "8.1.16.2",
"versionStartIncluding": "8.0.18"
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F1269B5-554F-42E0-95A1-BD22C5C23309",
"versionEndExcluding": "8.2.11.1",
"versionStartIncluding": "8.2"
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D1C890C-D8CA-45FB-B70E-3960B0E9D41B",
"versionEndExcluding": "8.3.8.1",
"versionStartIncluding": "8.3"
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37F31D4A-E5B4-4ED3-BE3C-07FFA0F4D689",
"versionEndExcluding": "8.4.4.1",
"versionStartIncluding": "8.4"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C911AA6C-9CD2-48F5-BC9B-A2D1AACEED03",
"versionEndExcluding": "5.7.19.1"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A800C1C-CED2-4D88-ADD3-1705DF8D1611",
"versionEndExcluding": "6.1.16.2",
"versionStartIncluding": "5.8"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C18189F-8645-4801-9217-B7A1E3539F89",
"versionEndExcluding": "6.2.11.1",
"versionStartIncluding": "6.2"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B4EF3D5-5633-4C99-B4AE-360A2A3B985B",
"versionEndExcluding": "6.3.8.1",
"versionStartIncluding": "6.3"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "553AEE68-3FBE-453B-BD12-03FAF3BA6F2C",
"versionEndExcluding": "6.4.1.1",
"versionStartIncluding": "6.4"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DCC5384-91EF-44D6-908B-CC019036273A",
"versionEndExcluding": "6.4.4.1",
"versionStartIncluding": "6.4.2"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:cloud_native_broadband_network_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F813EFB7-F2E8-4E36-BBF3-1FA1C2CB6035",
"versionEndExcluding": "2025.03.1"
},
{
"criteria": "cpe:2.3:a:cisco:inode_manager:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA1A6D3F-C7B9-415B-AE44-A263BFAA8B21"
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D14D75E9-5247-4D0F-A92E-10821629089D",
"versionEndExcluding": "25.2"
},
{
"criteria": "cpe:2.3:a:cisco:ultra_packet_core:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C2C7DFE-3573-4086-8DD2-AC9B4EC92671"
},
{
"criteria": "cpe:2.3:a:cisco:ultra_services_platform:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "378484EF-6E71-4D73-8864-538A869F8D08"
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "525B2F5E-1115-4523-B8CF-63F323D3F701"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:optical_site_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A91EBA2-5C6A-43D1-9657-E0B0B2D214F4",
"versionEndExcluding": "25.2.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298"
},
{
"criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B"
},
{
"criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs_2000_shelf_virtualization_orchestrator_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FBA50A5-A1E7-41C4-AC8C-19A2393ACF89",
"versionEndExcluding": "25.1.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs_2000_shelf_virtualization_orchestrator_module:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B66F36B9-0E4E-4AE0-9102-9B963C5E67D6"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B41BD0FB-372F-418B-A453-232D04C7C055",
"versionEndExcluding": "4.18"
},
{
"criteria": "cpe:2.3:a:cisco:ultra_cloud_core:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41890CCA-16A7-429C-8A31-F467141171A7",
"versionEndExcluding": "2025.03.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv160w_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4C81717-86CA-4B78-B60B-1ABEA71D0243"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv160w:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B7E3792-5D0F-4CCC-874D-512059CA8E12"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv260_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8B9D17F-A3E5-498D-9AE1-11915FEF8B3B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv260:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6FFC99C1-954E-408B-8A08-C79941350F05"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv160_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2D5DF69-3106-40B4-9DEA-1655EC394E01"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv160:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EC1DC21D-8C6C-4CE7-B5CB-8646659B02BC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv260p_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BA3E845-95EC-4CAD-8105-2348F8D58E3A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv260p:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A62A6E2F-FA43-4F40-A684-651FEDAC2114"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv260w_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33291CE9-C896-4798-BAD3-5ACA2A412E92"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv260w:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "95737F9F-1779-4AAB-875E-2CD586A8B780"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv340_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAA54684-D12C-4050-AFD3-A1A3E2B6585F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2A4411AC-2A74-4315-BA6B-D7E1AA538BDB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv340w_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7440DB48-9ACC-4D14-A042-12946145AB45"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "21E55019-F969-4ACD-A6C8-1D2EE05F8EE4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv345_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6DBB708-31C2-499B-B6DC-2DC3501F2FDE"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5E91E68B-CBE9-462E-82D4-6F588B8E84E8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv345p_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26BE8976-95F2-41DB-A76B-E67CF07DF500"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5120BAB7-FB3A-481E-9ECD-48341846AFBD"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]