CVE-2025-8870: On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.
Published Nov 14, 2025
·Updated
On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153
Affected Software
1 affected component
Arista EOS
Remediation
Information
The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades
CVE-2025-8870 has been fixed in the following releases:
* 4.35.0F and later releases
Event History
Nov 14, 2025
CVE Published
via MITRE·03:57 PM
Data Sourced
via MITRE·03:57 PM
RemedyDescriptionSeverityWeakness
Data Sourced
via NVD·04:15 PM
DescriptionSeverityWeakness
Nov 27, 57876
Event
via FIRST·04:04 PM
Frequently Asked Questions
1
What is the severity of CVE-2025-8870?
CVE-2025-8870 is classified with a severity rating that indicates a significant risk of device disruption due to unexpected reloads.
2
How do I fix CVE-2025-8870?
To mitigate CVE-2025-8870, users should apply any available patches or updates provided by Arista for affected versions of EOS.
3
What are the potential impacts of CVE-2025-8870?
The potential impacts of CVE-2025-8870 include unexpected reloads of the device, leading to downtime and possible disruption of services.
4
Which systems are affected by CVE-2025-8870?
CVE-2025-8870 affects platforms running Arista EOS that process certain serial console inputs.
5
Is CVE-2025-8870 currently being exploited?
As of now, there is no public report indicating that CVE-2025-8870 is actively being exploited in the wild.