Security Advisories

Arista Networks is committed to maintaining the highest standards of security across our product portfolio. Leveraging extensive testing and monitoring of vulnerabilities to isolate and neutralize threats early, Arista's Product Security Incident Response Team (PSIRT) provides global coverage for public reporting of possible security vulnerabilities across the product portfolio.

The PSIRT team monitors industry-wide vulnerability reporting and provides a single point of contact for customers and interested third parties to investigate and identify potential threats. The PSIRT team also works to communicate these issues back to the user community in a timely manner.

Arista's approach to vulnerability management and links to best practice guidelines can be found here.

For technical assistance with workarounds and hotfix installations recommended in security advisories, please contact the Arista Support team.

Report security vulnerabilities found in Arista products to the PSIRT team by email. It is recommended to use Arista's PGP key for secure and private communication directly with the PSIRT team.

Arista PSIRT is happy to work with researchers on discovered vulnerabilities in Arista products, the assignment of CVEs, and timelines for responsible disclosure. If a researcher discovers a new vulnerability, they will be acknowledged in the advisory related to the vulnerability. Arista PSIRT is interested in receiving reports on issues affecting features in both Arista code and Open Source Software used in Arista products. Security issues found in Open Source Software which do not affect Arista products are out of the scope of Arista and should be referred to the appropriate CNA found here.

PSIRT Advisories

The following advisories and referenced materials are provided on an "as is" basis for use at your own risk. Arista Networks reserves the right to change or update the advisories without notice at any time.

Security Advisory 0136

May 1, 2026

Arista Networks is providing this security update in response to a recent, publicly disclosed security vulnerability widely known as “Copy Fail”. Exploitation of this issue allows for an unprivileged local user to gain root access to a device by running a script or executable binary. Access to an environment where arbitrary code can be executed is required for this vulnerability to be exploitable.

Security Advisory 0135

April 7, 2026

Arista Networks is providing this security advisory regarding three high-severity vulnerabilities identified in runC, the lightweight, command-line tool for spawning and running containers. These vulnerabilities present a potential risk of allowing malicious actors to circumvent container isolation mechanisms.

Security Advisory 0134

February 17, 2026

On affected platforms with hardware IPsec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulting in sequence number mismatches between tunnel endpoints, potentially causing unstable communication.

Security Advisory 0133

February 3, 2026

Several vulnerabilities exist for the Arista Edge Threat Management - Arista NG Firewall (NGFW). On affected platforms, an administrative account logged into the user interface is subject to several command injection vulnerabilities.

Security Advisory 0132

December 30, 2025

On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic.

This issue was discovered internally by Arista, and Arista is not aware of any malicious uses of this issue in customer networks.

Security Advisory 0131

December 23, 2025

NOTICE: VeloCloud is now an Arista product.
Arista Networks has reposted this advisory, which was originally posted by VMware on July 5, 2020.

An SQL-injection vulnerability in VeloCloud was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. VMware-hosted VeloCloud Orchestrators have been patched for this issue.

Security Advisory 0130

December 23, 2025

NOTICE: VeloCloud is now an Arista product.
Arista Networks has reposted this advisory, which was originally posted by VMware on October 16, 2019.

The VeloCloud Orchestrator parameter authorization check mistakenly allows enterprise users to obtain information of Managed Service Provider accounts. 

Security Advisory 0129

December 23, 2025

NOTICE: VeloCloud is now an Arista product.
Arista Networks has reposted this advisory, which was originally posted by VMware on May 13, 2018.

Unauthenticated Command Injection vulnerability in VMware SD-WAN Edge by VeloCloud

Security Advisory 0128

December 16, 2025

On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSPFv3 process to have high CPU utilization, which may result in the OSPFv3 process being restarted. This may cause disruption in the OSPFv3 routes on the switch.

This issue was discovered internally by Arista, and Arista is not aware of any malicious uses of this issue in customer networks.

Security Advisory 0127

November 18, 2025

On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition and attempt to reset the IPsec processing pipeline. After the reset, traffic may not resume being processed. There is no impact to non-IPsec traffic or to IPsec traffic not originating or terminating on the system.