May “In the Trend of VM” (#15): vulnerabilities in Microsoft Windows and the Erlang/OTP framework. A traditional monthly vulnerability roundup. 
Post on Habr (rus)
Digest on the PT website (rus)
A total of 4 trending vulnerabilities:
Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-29824) Elevation of Privilege – Windows Process Activation (CVE-2025-21204) Spoofing – Windows NTLM (CVE-2025-24054) Remote Code Execution – Erlang/OTP (CVE-2025-32433)
About Remote Code Execution – Erlang/OTP (CVE-2025-32433) vulnerability. Erlang is a programming language used to build massively scalable soft real-time systems with requirements for high availability. Used in telecom, banking, e-commerce, telephony, and messaging. OTP is a set of Erlang libraries and design principles providing middle-ware to develop these systems.
A message handling vulnerability in the Erlang/OTP SSH server allows an unauthenticated attacker to execute arbitrary code. The code runs in the context of the SSH daemon. If the daemon is running as root, this grants full control over the device.
The vendor bulletin was released on April 16. Updated versions: OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20.
On April 17, a write-up and a PoC exploit (developed using AI) appeared on the Platform Security blog.
Cisco devices are affected – and likely not the only ones. 
No signs of exploitation in the wild so far.
This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.