Erlang/OTP 17.0 < 27.3.4.14 / 28.0 < 28.5.0.3 / 29.0 < 29.0.3 Multiple Vulnerabilities

medium Nessus Plugin ID 325890

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Erlang/OTP installed on the remote host is 17.0 prior to 27.3.4.14, 28.0 prior to 28.5.0.3, or 29.0 prior to 29.0.3. It is, therefore, affected by multiple vulnerabilities:

- Observable Response Discrepancy vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory.
(CVE-2026-53422)

- Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. (CVE-2026-54886)

- Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl (tls_gen_connection module) allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. (CVE-2026-54891)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Erlang/OTP version 27.3.4.14, 28.5.0.3, or 29.0.3 or later.

See Also

https://github.com/erlang/otp/security/advisories/GHSA-7wp4-pc27-2vj9

https://github.com/erlang/otp/security/advisories/GHSA-gf6r-99xw-6qg6

https://github.com/erlang/otp/security/advisories/GHSA-h9pw-h5w4-h976

Plugin Details

Severity: Medium

ID: 325890

File Name: erlang_otp_CVE-2026-53422.nasl

Version: 1.1

Type: Local

Agent: windows, macosx, unix

Family: Misc.

Published: 7/9/2026

Updated: 7/9/2026

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.2

Percentile: 51.08

CVSS v2

Risk Factor: Medium

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS Score Source: CVE-2026-53422

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/a:erlang:erlang%2fotp

Required KB Items: installed_sw/Erlang-OTP

Patch Publication Date: 7/2/2026

Vulnerability Publication Date: 7/2/2026

Reference Information

CVE: CVE-2026-53422, CVE-2026-54886, CVE-2026-54891