CVE-2025-32433
Published Apr 16, 2025
Last updated 2 months ago
AI description
CVE-2025-32433 is a vulnerability found in the Erlang/OTP SSH server. It stems from a flaw in the SSH protocol message handling, which allows an attacker with network access to execute arbitrary code on the server without authentication. Specifically, the vulnerability enables a malicious actor to send connection protocol messages before authentication takes place. Successful exploitation could lead to full compromise of the host, unauthorized access, manipulation of sensitive data, or denial-of-service attacks.
- Description
- Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
- Products
- erlang\/otp, confd_basic, network_services_orchestrator, cloud_native_broadband_network_gateway, inode_manager, smart_phy, ultra_packet_core, ultra_services_platform, staros, optical_site_manager, ncs_2000_shelf_virtualization_orchestrator_firmware, enterprise_nfv_infrastructure_software, ultra_cloud_core, rv160w_firmware, rv260_firmware, rv160_firmware, rv260p_firmware, rv260w_firmware, rv340_firmware, rv340w_firmware, rv345_firmware, rv345p_firmware
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability
- Exploit added on
- Jun 9, 2025
- Exploit action due
- Jun 30, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- security-advisories@github.com
- CWE-306
- Hype score
- Not currently trending
I just completed Erlang/OTP SSH: CVE-2025-32433 room on TryHackMe. Learn about and exploit Erlang/OTP SSH CVE-2025-32433 in a lab setup. https://t.co/PG3YIAhYOJ #tryhackme via @realtryhackme
@yasirchandio12
21 Sept 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #CVE202532433 Critical Erlang/OTP Flaw (CVE-2025-32433) Under Active Exploitation, Allowing Unauthenticated RCE on OT Networks https://t.co/CFutFE7q8F
@Komodosec
16 Sept 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
How I Used AI to Create a Working Exploit for CVE-2025-32433 Before Public PoCs Existed - Matthew Keeley https://t.co/kuUyUGOVXT
@pentest_swissky
11 Sept 2025
1970 Impressions
5 Retweets
20 Likes
12 Bookmarks
1 Reply
0 Quotes
🚨 "Keys to the Kingdom" via Erlang/OTP SSH? Palo Alto Networks Unit 42 reveals CVE-2025-32433 exploits *observed in the wild*! Critical vulnerability analysis you can't miss. #CyberSecurity #Vulnerability https://t.co/aoFXtJLy2z
@xcybersecnews
1 Sept 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GPT-4 助攻資安研究!成功在 CVE-2025-32433 公開 Proof-of-Concept (概念驗證) 前,發現漏洞、生成 Exploit (漏洞利用程式) 並除錯。AI 潛力令人矚目。#AI #資安 https://t.co/Zq07QNnHjK
@artofcryptowar
31 Aug 2025
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Erlang/OTP SSH の脆弱性 CVE-2025-32433:OT ネットワークへの活発な攻撃を検知 https://t.co/LeUTpJ7RN0 Erlang/OTP の SSH
@iototsecnews
25 Aug 2025
132 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Erlang/OTP SSH Flaw Enables Remote Code Execution Without Authentication https://t.co/v9ekJqsObC A critical vulnerability (CVE-2025-32433) in Erlang’s native SSH server allows unauthenticated attackers to execute commands remotely, by sending specially crafted SSH prot
@Huntio
23 Aug 2025
4640 Impressions
10 Retweets
13 Likes
5 Bookmarks
1 Reply
1 Quote
Unauthenticated Remote Code Execution in Erlang/OTP SSH Server (CVE-2025-32433) https://t.co/pjo1LzXV9T https://t.co/4BJU1pleS9
@Hack32_
22 Aug 2025
610 Impressions
0 Retweets
9 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-32433 is a critical (CVSS 10.0) unauthenticated RCE vulnerability in Erlang/OTP sshd. Unit 42 discusses its impacts across critical infrastructure and especially operational technology (OT) networks. https://t.co/38W4lHbtYW
@JackPen6
17 Aug 2025
39 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-32433 is a critical (CVSS 10.0) unauthenticated RCE vulnerability in Erlang/OTP sshd. We discuss its impacts across critical infrastructure and especially operational technology (OT) networks: https://t.co/aCIgEI025g https://t.co/qKPr0VjTaH
@Unit42_Intel
14 Aug 2025
9641 Impressions
33 Retweets
108 Likes
34 Bookmarks
1 Reply
1 Quote
OT angle — Erlang/OTP flaw hitting industrial networks OT teams: heads up. Palo Alto saw widespread exploitation of CVE-2025-32433 targeting OT networks. If you’ve got Erlang/OTP SSH exposed (often on 2222), patch to OTP-27.3.3 / 26.2.5.11 / 25.3.2.20 and lock down remote acc
@PravinK_Goudar
14 Aug 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A terrifying vulnerability, CVE-2025-32433, has been exploited in the wild, affecting Erlang’s OTP due to a flaw in the SSH daemon. This remote code execution vulnerability primarily targets OT firewalls, posing a significant threat to critical infrastructure and safety, with .
@CybrPulse
13 Aug 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical Erlang/OTP Flaw (CVE-2025-32433) Actively Exploited, Poses Major Threat to Industrial Networks https://t.co/H4eRD2aTAE
@the_yellow_fall
13 Aug 2025
288 Impressions
2 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-32433, a vulnerability in Erlang/OTP, and part of the CISA KEV, is now being actively exploited. According to #Unit42, this can have significant impact on OT networks which rely heavily on Erlang/OTP. Several IOCs listed in the writeup: https://t.co/uBJKoNXRgo
@ct_is
12 Aug 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Researchers report a surge in Erlang/OTP SSH RCE exploits, with 70% targeting OT firewalls, stemming from a critical vulnerability (CVE-2025-32433) that has been actively abused since May 2025. #CyberSecurity #ExploitAlert https://t.co/a7OabtoP0X
@Cyber_O51NT
12 Aug 2025
270 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Palo Alto warns of OT-targeted exploitation of critical Erlang/OTP SSH vulnerability https://t.co/qBFfF03Y7w Palo Alto Networks reported active exploitation attempts targeting CVE-2025-32433, a critical vulnerability that enables unauthenticated remote code execution (RCE) in
@f1tym1
12 Aug 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【重要インフラへの脅威】Erlang/OTPのSSHデーモンに発見された致命的な脆弱性CVE-2025-32433が、世界中の産業制御システムを標的とした攻撃で悪用されている。Unit 42の調査によると、CVSS
@nakajimeeee
12 Aug 2025
366 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical remote code execution vulnerability in Erlang/OTP's SSH daemon, CVE-2025-32433, is being exploited against operational technology networks, affecting essential services. In a striking revelation, exploitation attempts surged by 160 percent on OT devices, highlightin...
@CybrPulse
12 Aug 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-32433: #Vulnerability in #Erlang/OTP #SSH Implementation https://t.co/ebipp8bgon https://t.co/5lx2VpMmTF
@omvapt
12 Aug 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Erlang/OTP SSH daemon vulnerable to CVE-2025-32433 allows unauthenticated RCE via post-auth SSH messages. Exploits surged in May 2025, targeting OT firewalls in education, healthcare & tech sectors. Patches released. #CVE202532433 #ErlangOTP #USA https://t.co/jtHWJoMHet
@TweetThreatNews
11 Aug 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical flaw CVE-2025-32433 in Erlang/OTP SSH enables remote code execution, with 70% of attacks targeting OT firewalls across healthcare, agriculture, media, and high tech. Patched April 2025. #ErlangOTP #OTSecurity #USA https://t.co/CLH3POkwaz
@TweetThreatNews
11 Aug 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-32433 vulnerability in Erlang/OTP SSH exposes major security risk. Urgent patching needed. Monitoring shows rise in OT network incidents. https://t.co/pd5FYPIACF #CyberSecurity
@threatlight
11 Aug 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical flaw in Erlang/OTP’s SSH (CVE-2025-32433) is being actively exploited — no credentials needed, full remote code execution possible. Targets? Mostly OT networks — healthcare, agriculture, media, and high-tech sectors hit hardest. Here’s w... https://t.co/jJ
@IT_news_for_all
11 Aug 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical flaw in Erlang/OTP’s SSH (CVE-2025-32433) is being actively exploited — no credentials needed, full remote code execution possible. Targets? Mostly OT networks — healthcare, agriculture, media, and high-tech sectors hit hardest. Here’s why it’s a global
@TheHackersNews
11 Aug 2025
17715 Impressions
77 Retweets
198 Likes
34 Bookmarks
8 Replies
1 Quote
CVE-2025-32433 poses a critical security risk, enabling unauthenticated remote code execution in vulnerable Erlang/OTP SSH daemons used widely in industrial settings. Recent findings indicate that exploit attempts surged significantly, especially targeting operational technolo...
@CybrPulse
11 Aug 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
This week, Disclosed. #BugBounty My projects featured on Critical Thinking, $1M WhatsApp Bounty, AI Exploit for CVE-2025-32433, Bug Bounty Village CTF Prizes, and More. Full issue → https://t.co/Affe2Yws7J Highlights below 👇 @infinitelogins and @arl_rose discuss building
@infinitelogins
3 Aug 2025
1480 Impressions
3 Retweets
28 Likes
4 Bookmarks
0 Replies
0 Quotes
⚠️ Weekly vuln radar — https://t.co/Cd6L8ACyLV: CVE-2025-53770 — Sharepoint Server 📈⬆️ CVE-2025-32433 (@lambdafu) CVE-2025-25257 (@0x_shaq) CVE-2025-49113 (@k_firsov) CVE-2025-6558 (@_clem1) CVE-2025-30406 CVE-2025-54309 CVE-2025-23266 (@nirohfeld @shirtamari) CVE
@ptdbugs
1 Aug 2025
160 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
🧨🔥 CVE-2025-32433 | SSH Pre-Authentication RCE in Erlang/OTP: Exploit from Scratch + Real-World Proof of Concept on Arch Linux (Black Hat Style) video on my YouTube channel subscribe https://t.co/orLCEktHDz
@Z3R0NYX
31 Jul 2025
215 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🧨🔥 CVE-2025-32433 | SSH Pre-Authentication RCE in Erlang/OTP: Exploit from Scratch + Real-World Proof of Concept on Arch Linux (Black Hat Style) video on my YouTube channel subscribe https://t.co/G7aCBoBHNz https://t.co/UjRGFy7ppv
@Z3R0NYX
31 Jul 2025
882 Impressions
0 Retweets
9 Likes
2 Bookmarks
0 Replies
0 Quotes
If you're learning about vibe hacking, here's a cool article demonstrating how @mattrkeeley used AI to create a working exploit for CVE-2025-32433 before any public PoCs existed! Worth a read 👇 https://t.co/74ALoE8V48 https://t.co/gVNhYNLC2M
@0xacb
31 Jul 2025
6270 Impressions
29 Retweets
137 Likes
107 Bookmarks
2 Replies
0 Quotes
Erlang/OTP SSH al descubierto: CVE-2025-32433 (CVSS 10.0) RCE pre-auth. Parchéalo YA. 😉 #CVE2025 #Erlang #BugBounty https://t.co/IqIzHXJRsR
@gorkaelbochi
8 Jul 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 STRIKE Threat Intel Advisory – CVE-2025-32433 🚨 SecurityScorecard’s STRIKE team is tracking active exposure of CVE-2025-6543 — a critical-severity vulnerability affecting Citrix Netscaler Application Delivery Controller with a CVSS score of 9.2. On June 30, 2025
@security_score
1 Jul 2025
175 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-32711 2 - CVE-2024-51978 3 - CVE-2025-6430 4 - CVE-2025-32433 5 - CVE-2020-9547 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
29 Jun 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[1day1line] CVE-2025-32433: Pre-auth RCE in Erlang/OTP SSH Server This vulnerability in Erlang/OTP's SSH daemon allows unauthenticated attackers to execute arbitrary shell commands by sending crafted SSH messages before authentication. https://t.co/fpya9eVVy7
@hackyboiz
28 Jun 2025
1272 Impressions
7 Retweets
21 Likes
8 Bookmarks
0 Replies
0 Quotes
آسیبپذیری بحرانی CVE-2025-32433 با امتیاز حداکثری 10.0 در SSH پلتفرم Erlang/OTP کشف شده که به مهاجمان اجازه اجرای کد بدون احراز هویت را میدهد. با دسترسی root، مهاجم کنتر
@Teeegra
18 Jun 2025
299 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Heads up, system administrators and security professionals! CISA added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These flaws, found in Erlang/OTP and Roundcube Webmail, are being actively exploited in the wild. 🚨CVE-2025-32433 CVSS 10.
@cytexsmb
11 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 STRIKE Threat Intel Advisory – CVE-2025-32433 🚨 SecurityScorecard’s STRIKE team is tracking active exposure of CVE-2025-32433 — a critical-severity vulnerability affecting Erlang OTP with a CVSS score of 10.0. On June 9, 2025, this vulnerability was added to CIS
@security_score
10 Jun 2025
122 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32433: Remote Code Execution in Erlang/OTP SSH Server ثغرة أمنية خطيرة في خادم Erlang/OTP SSH server، قد تتيح للمهاجم تنفيذ أوامر عن بُعد (RCE) دون مصادقة. من خلال استغلال خلل في معالجة
@mghamdiah1
10 Jun 2025
87 Impressions
0 Retweets
3 Likes
0 Bookmarks
2 Replies
0 Quotes
CISA adds critical vulnerabilities CVE-2025-32433 & CVE-2024-42009 to KEV catalog—impacting Erlang/OTP SSH & Roundcube Webmail. Exploits could lead to remote commands & email theft. Federal agencies must patch promptly ⚠️ #Erlang #Firefox #US https://t.co/ZocOD9
@TweetThreatNews
10 Jun 2025
76 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📌 أضافت وكالة الأمن السيبراني والبنية التحتية الأمريكية (CISA) flawين أمان مهمين تؤثران على SSH في Erlang/Open Telecom Platform وRoundcube إلى سجل الثغرات المعروف التي تم استغل
@Cybercachear
10 Jun 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
米国サイバーセキュリティ・社会基盤安全保障庁(CISA)の既知の悪用された脆弱性カタログに、Erlang/OTPのCVE-2025-32433とRoundCubeのCVE-2024-42009が追加。対処期限は通常の6/30で、ランサムウェア悪用は不知。 また、For
@__kokumoto
9 Jun 2025
1104 Impressions
0 Retweets
6 Likes
2 Bookmarks
1 Reply
0 Quotes
🛡️ We added RoundCube Webmail and Erlang/OTP vulnerabilities CVE-2024-42009 & CVE-2025-32433 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/
@CISACyber
9 Jun 2025
7590 Impressions
21 Retweets
43 Likes
4 Bookmarks
1 Reply
0 Quotes
🪵 Log # 45/100: A beginners guide to CVE-2025-32433..A thread 🧵 : Let’s break down CVE-2025-32433 in a way that makes sense, even if you’re just starting out in security. 🧠 What happened? A vulnerability was discovered in Erlang/OTP’s SSH server that lets an atta
@ElementMerc
4 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🪵 Log # 43/100: Weekly TryHackMe Update Over the past week, I did some rooms on TryHackMe, including: 🔹 Intro to Pipeline Automation 🔹 Mobile Acquisistion 🔻 Erlang/OTP SSH: CVE-2025-32433 🔻 The Lay of the Land 🔻 Printer Hacking 101 🔻 Enumeration https://t.c
@ElementMerc
2 Jun 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
💥 Thanks for joining VKB Series #2! Arthur Raout broke down CVE-2025-32433, a critical RCE in Erlang/OTP. Missed it? Watch here: https://t.co/ciaEcn17E2 #VKBSeries #CVE202532433 #P1Security https://t.co/cZSGuvHzZg
@p1security
29 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
お疲れ様です🫡 Cisco公式から既知の脆弱性 『CVE-2025-32433』 に対する更新が行われたため、ツリー形式で概要とワークアラウンドなどをポストします なお、今回の脆弱性のCVSSスコアは10.0でCriticalの判定が出
@esunekk
29 May 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
RCE in Erlang/OTP SSH (CVE-2025-32433) → unauthenticated remote code exec risk! Join us May 28 at 15:00 CET. 🎥 Register: https://t.co/ciaEcn1FtA #infosec https://t.co/aH2XkyWn30
@p1security
13 May 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-32433: RCE in Erlang/OTP's SSH server. Exploitable w/o auth, PoC published April 17. Cisco products affected. Patch now! #RCE #Erlang #Cisco ➡️ https://t.co/CiQmaumsj0 https://t.co/Xf2ct6RlHR
@leonov_av
12 May 2025
110 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-32433
@transilienceai
12 May 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
ペネトレーションテストツールMetasploitが大規模更新。Erlang/OTP SSHのCVE-2025-32433やSante PACS ServerのCVE-2025-2264に対応する攻撃コード、OPNSenseファイアウォールへの総当りログインスキャナ、SMB-to-HTTPリレー攻撃の追
@__kokumoto
12 May 2025
5182 Impressions
23 Retweets
89 Likes
46 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E83BFB53-C1CC-4F9E-9794-EE0057EE770B",
"versionEndExcluding": "25.3.2.20"
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4842AC3A-E1AE-491A-AFCE-F3669397CA82",
"versionEndExcluding": "26.2.5.11",
"versionStartIncluding": "26.0"
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36383ED9-EA7D-4AFF-B2C7-1FFD16207C54",
"versionEndExcluding": "27.3.3",
"versionStartIncluding": "27.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FD911AA-C8F6-4109-A3B4-602AEAF2C77D",
"versionEndExcluding": "7.7.19.1"
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B6F7512-CAC2-42DE-B150-D56AE6F78053",
"versionEndExcluding": "8.1.16.2",
"versionStartIncluding": "8.0.18"
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F1269B5-554F-42E0-95A1-BD22C5C23309",
"versionEndExcluding": "8.2.11.1",
"versionStartIncluding": "8.2"
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D1C890C-D8CA-45FB-B70E-3960B0E9D41B",
"versionEndExcluding": "8.3.8.1",
"versionStartIncluding": "8.3"
},
{
"criteria": "cpe:2.3:a:cisco:confd_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37F31D4A-E5B4-4ED3-BE3C-07FFA0F4D689",
"versionEndExcluding": "8.4.4.1",
"versionStartIncluding": "8.4"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C911AA6C-9CD2-48F5-BC9B-A2D1AACEED03",
"versionEndExcluding": "5.7.19.1"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A800C1C-CED2-4D88-ADD3-1705DF8D1611",
"versionEndExcluding": "6.1.16.2",
"versionStartIncluding": "5.8"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C18189F-8645-4801-9217-B7A1E3539F89",
"versionEndExcluding": "6.2.11.1",
"versionStartIncluding": "6.2"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B4EF3D5-5633-4C99-B4AE-360A2A3B985B",
"versionEndExcluding": "6.3.8.1",
"versionStartIncluding": "6.3"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "553AEE68-3FBE-453B-BD12-03FAF3BA6F2C",
"versionEndExcluding": "6.4.1.1",
"versionStartIncluding": "6.4"
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DCC5384-91EF-44D6-908B-CC019036273A",
"versionEndExcluding": "6.4.4.1",
"versionStartIncluding": "6.4.2"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:cloud_native_broadband_network_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F813EFB7-F2E8-4E36-BBF3-1FA1C2CB6035",
"versionEndExcluding": "2025.03.1"
},
{
"criteria": "cpe:2.3:a:cisco:inode_manager:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA1A6D3F-C7B9-415B-AE44-A263BFAA8B21"
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D14D75E9-5247-4D0F-A92E-10821629089D",
"versionEndExcluding": "25.2"
},
{
"criteria": "cpe:2.3:a:cisco:ultra_packet_core:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25BC4E65-0344-45F3-8570-CEBEAA26D302",
"versionEndExcluding": "2025.03"
},
{
"criteria": "cpe:2.3:a:cisco:ultra_services_platform:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "378484EF-6E71-4D73-8864-538A869F8D08"
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CDADC228-B7DA-405D-B704-4E6198D4308E",
"versionEndExcluding": "2025.03"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:optical_site_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A91EBA2-5C6A-43D1-9657-E0B0B2D214F4",
"versionEndExcluding": "25.2.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298"
},
{
"criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B"
},
{
"criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs_2000_shelf_virtualization_orchestrator_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FBA50A5-A1E7-41C4-AC8C-19A2393ACF89",
"versionEndExcluding": "25.1.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs_2000_shelf_virtualization_orchestrator_module:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B66F36B9-0E4E-4AE0-9102-9B963C5E67D6"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B41BD0FB-372F-418B-A453-232D04C7C055",
"versionEndExcluding": "4.18"
},
{
"criteria": "cpe:2.3:a:cisco:ultra_cloud_core:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41890CCA-16A7-429C-8A31-F467141171A7",
"versionEndExcluding": "2025.03.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv160w_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4C81717-86CA-4B78-B60B-1ABEA71D0243"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv160w:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B7E3792-5D0F-4CCC-874D-512059CA8E12"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv260_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8B9D17F-A3E5-498D-9AE1-11915FEF8B3B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv260:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6FFC99C1-954E-408B-8A08-C79941350F05"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv160_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2D5DF69-3106-40B4-9DEA-1655EC394E01"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv160:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EC1DC21D-8C6C-4CE7-B5CB-8646659B02BC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv260p_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BA3E845-95EC-4CAD-8105-2348F8D58E3A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv260p:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A62A6E2F-FA43-4F40-A684-651FEDAC2114"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv260w_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33291CE9-C896-4798-BAD3-5ACA2A412E92"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv260w:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "95737F9F-1779-4AAB-875E-2CD586A8B780"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv340_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAA54684-D12C-4050-AFD3-A1A3E2B6585F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2A4411AC-2A74-4315-BA6B-D7E1AA538BDB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv340w_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7440DB48-9ACC-4D14-A042-12946145AB45"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "21E55019-F969-4ACD-A6C8-1D2EE05F8EE4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv345_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6DBB708-31C2-499B-B6DC-2DC3501F2FDE"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5E91E68B-CBE9-462E-82D4-6F588B8E84E8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv345p_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26BE8976-95F2-41DB-A76B-E67CF07DF500"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5120BAB7-FB3A-481E-9ECD-48341846AFBD"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]