Security Advisories
Arista Networks is committed to maintaining the highest standards of security across our product portfolio. Leveraging extensive testing and monitoring of vulnerabilities to isolate and neutralize threats early, Arista's Product Security Incident Response Team (PSIRT) provides global coverage for public reporting of possible security vulnerabilities across the product portfolio.
The PSIRT team monitors industry-wide vulnerability reporting as well as providing a single point of contact for customers and interested third parties to investigate and identify potential threats. The PSIRT team also works to communicate these issues back to the user community in a timely manner.
Arista's approach to vulnerability management and links to best practice guidelines can be found here.
For technical assistance with workarounds and hotfix installations recommended in security advisories, please contact the Arista Support team by email.
Report security vulnerabilities found in Arista products to the PSIRT team by email. It is recommended to use Arista's PGP key for secure and private communication directly with the PSIRT team.
Arista PSIRT is happy to work with researchers on discovered vulnerabilities in Arista products, the assignment of CVEs, and timelines for responsible disclosure. If a researcher discovers a new vulnerability they will be acknowledged in the advisory related to the vulnerability. Arista PSIRT is interested in receiving reports on issues affecting features in both Arista code as well as Open Source Software used in Arista products. Security issues found in Open Source Software which do not affect Arista products are out of the scope of Arista and should be referred to the appropriate CNA found here.
PSIRT Advisories
The following advisories and referenced materials are provided on an "as is" basis for use at your own risk. Arista Networks reserves the right to change or update the advisories without notice at any time.
Security Advisory 0128
December 16, 2025
On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSPFv3 process to have high CPU utilization, which may result in the OSPFv3 process being restarted. This may cause disruption of the OSPFv3 routes on the switch.
This issue was discovered internally by Arista, and Arista is not aware of any malicious uses of this issue in customer networks.
Security Advisory 0127
November 18, 2025
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition and attempt to reset the IPsec processing pipeline. After the reset, traffic may not resume being processed. There is no impact to non-IPsec traffic or to IPsec traffic not originating or terminating on the system.
Security Advisory 0126
November 18, 2025
The following issues were discovered during regular penetration testing of Arista's EOS. The issues detailed cover CloudVision Exchange (CVX) based features, including Media Control Services (MCS).
- CVE-2025-5088 - An authenticated Redis session could be used to obtain full root access to all servers in the CVX cluster
- CVE-2025-5089 - Malformed messages received from the connected CVX server can cause SysDB agent crashes.
- CVE-2025-5090 - Unexpected messages from a connected switch may lead to agent crashes on CVX causing instability in the CVX cluster.
These issues were discovered during Arista-sponsored penetration testing, and Arista is not aware of any malicious uses of these issues in customer networks.
Security Advisory 0125
November 11, 2025
On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.
This issue was discovered internally by Arista, and Arista is not aware of any malicious uses of this issue in customer networks.
Security Advisory 0124
October 22, 2025
The following issues were discovered in Arista DANZ Monitoring Fabric (DMF). These issues affect DMF, Converged Cloud Fabric (CCF), CloudVision Appliance (CVA), and Multi-Cloud Director (MCD).
- CVE-2025-54545 - Local privilege escalation from the CLI
- CVE-2025-54546 - SSH port forwarding available to restricted users
- CVE-2025-54547 - In multiplexed SSH, sftp/scp operations possible after session timeout
- CVE-2025-54548 - Config database visible to restricted users through debug API
- CVE-2025-54549 - Update image verification bypass
Security Advisory 0123
October 21, 2025
Several vulnerabilities exist in the Arista Edge Threat Management - Arista NG Firewall (NGFW).
Security Advisory 0122
July 22, 2025
On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text in local or remote accounting logs. Knowledge of both the encryption key and the protocol-specific encrypted secrets from the device running-config could then be used to obtain protocol-specific passwords in cases where symmetric passwords are required between devices with neighbor protocol relationships.
Arista is not aware of any malicious uses of this issue in customer networks.
Security Advisory 0121
July 22, 2025
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP port 3503 is associated with LSP Ping Echo Reply. This can result in unexpected behaviors, especially for UDP-based services that do not perform some form of authentication.
This issue was discovered externally and responsibly reported to Arista by Chris Laffin of automattic.com. Arista is not aware of any malicious uses of this issue in customer networks.
Security Advisory 0120
May 27, 2025
On affected platforms running Arista EOS, ACL policies may not be enforced. An IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more Ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets. This can cause incoming packets to be incorrectly allowed or denied.
This issue was discovered internally, and Arista is not aware of any malicious uses of this issue in customer networks.
Security Advisory 0119
May 27, 2025
On affected platforms with hardware IPsec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be forwarded due to this vulnerability.
Note: this issue does not affect VXLANsec or MACsec encryption functionality.
