EPIC : Journal of Electrical Power, Instrumentation and Control
Vol 8 No 1 (2025): EPIC

Enhancing IT/OT Security Posture Against Erlang/OTP SSH Exploits Through Threat Campaign Assessment

Nabila Latifa Tullaili (Unknown)
Ridwan Satrio Hadikusuma (Unknown)
Aries Suharso (Unknown)



Article Info

Publish Date
30 Jun 2025

Abstract

The convergence of Information Technology (IT) and Operational Technology (OT) infrastructures exposes organizations to new risks, particularly when facing critical vulnerabilities. This research evaluates the security posture of IT/OT environments against CVE-2025-32433, a severe vulnerability in Erlang/OTP’s SSH daemon that allows unauthenticated remote code execution. The assessment was conducted in a real environment using the Keysight Threat Simulator, where simulated threats were injected from the darkcloud, passed through a Palo Alto Networks firewall, and targeted a host system (Windows Server 2016) with Keysight Agent version 25.7.3-1751647889 and ATI version 25.5.4181.502994. The campaign involved seven malware scenarios using remote hosts and DNS callbacks. The results showed 43 prevention outcomes, 0 detection events, and 9 security recommendations. While the firewall prevented part of the attacks, the detection capability at the host level failed entirely, indicating potential blind spots in monitoring and response. The study concludes that proactive threat simulation is essential for identifying prevention gaps and detection weaknesses in converged IT/OT networks. Recommendations include strengthening host-based detection, improving IT/OT segmentation, and enhancing monitoring of DNS traffic to mitigate exploitation risks.

Copyrights © 2025






Journal Info

Abbrev

jit

Publisher

Subject

Electrical & Electronics Engineering

Description

Jurnal EPIC is a forum for scientific communication between academics and practitioners on research in the field of electrical engineering. ...