
SUSE Linux Enterprise Server: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability

Risk 91
Severity
7.8
First published (updated )

Arista EOS: On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption o

Risk 26
Severity
5.3
First published (updated )

Arista EOS: A specially crafted packet can cause the OSPFv3 process to have high CPU utilization, which may result in the OSPFv3 process being restarted.

Risk 29
Severity
7.1
EPSS
0.02%
First published (updated )

Arista NG Firewall: Arista NG Firewall load_capture_settings Exposed Dangerous Function Information Disclosure Vulnerability

Risk 53
First published (updated )
Advisory
ZDI-25-1018

Arista NG Firewall: Arista NG Firewall runTroubleshooting Command Injection Remote Code Execution Vulnerability

Risk 72
First published (updated )
Advisory
ZDI-25-1020

Arista NG Firewall: ZDI-25-1020: Arista NG Firewall runTroubleshooting Command Injection Remote Code Execution Vulnerability

Risk 72
First published (updated )

Arista NG Firewall: ZDI-25-1019: Arista NG Firewall replace_marker Exposed Dangerous Function Authentication Bypass Vulnerability

Risk 45
First published (updated )

Arista NG Firewall: ZDI-25-1018: Arista NG Firewall load_capture_settings Exposed Dangerous Function Information Disclosure Vulnerability

Risk 53
First published (updated )

Arista EOS: On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.

Risk 23
Severity
5.6
EPSS
0.03%
First published (updated )

Arubanetworks Arubaos: Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binary along with accounting controls for tracking and logging user activities and resource usage.

Risk 66
Severity
7.2
First published (updated )

Arista EOS: On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do n

Risk 43
Severity
7.5
First published (updated )

Arista EOS: On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-c

Risk 20
Severity
3.8
First published (updated )

Arista EOS: On affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets.

Risk 15
Severity
2.6
First published (updated )

Arista EOS: On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal

Risk 27
Severity
5.3
First published (updated )

Arista EOS: On affected platforms running Arista EOS, ingress traffic on Layer 2 ports may, under certain conditions, be improperly forwarded to ports associated with different VLANs, resulting in a breach of VLAN isolation and segmentation boundaries.

Risk 40
Severity
6.5
First published (updated )

Arista EOS: On affected platforms running Arista EOS with Traffic Policies configured, the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp

Risk 43
Severity
7.5
First published (updated )

Arista EOS: On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.

Risk 66
Severity
9.1
First published (updated )

Arista CloudVision Portal: On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-prem

Risk 87
Severity
10
First published (updated )

Arista CloudVision: On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state

Risk 73
Severity
10
First published (updated )

Arista CloudVision Portal: On affected versions of the Arista CloudVision Portal (CVP on-prem), the time-bound device onboarding token can be used to gain admin privileges on CloudVision.

Risk 59
Severity
8.7
First published (updated )

Arista EOS: On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly

Risk 38
Severity
6.5
First published (updated )

Arista NG Firewall: (0Day) Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability

Risk 80
Severity
9.6
First published (updated )

Arista NG Firewall: (0Day) Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability

Risk 77
Severity
8.8
First published (updated )
Advisory
ZDI-25-181

Arista NG Firewall: ZDI-25-181: (0Day) Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability

Risk 77
Severity
8.8
First published (updated )

Arista AOS-CX: Authenticated Access Control Vulnerability allows Sensitive Information Disclosure in AOS-CX REST Interface

Risk 22
Severity
4.3
First published (updated )

Arista EOS: On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restar

Risk 32
Severity
5.3
First published (updated )

Arista EOS: On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.

Risk 27
Severity
5.3
First published (updated )

Arista EOS: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.

Risk 72
Severity
9.1
First published (updated )

Arista EOS: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.

Risk 44
Severity
7.7
First published (updated )

Arista NG Firewall: Specially constructed queries cause cross platform scripting leaking administrator tokens

Risk 56
Severity
8.8
EPSS
0.04%
First published (updated )

© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203