Advisories & Notices

February 3, 2026

Several vulnerabilities exist for the Arista Edge Threat Management - Arista NG Firewall (NGFW). On affected platforms, an administrative account logged into the user interface is subject to several command injection vulnerabilities.

December 30, 2025

On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic.

This issue was discovered internally by Arista and is not aware of any malicious uses of this issue in customer networks.

December 23, 2025

NOTICE: VeloCloud is now an Arista product.
Arista Networks has reposted this advisory that was originally posted by VMware July 5, 2020

An SQL-injection vulnerability in VeloCloud was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. VMware-hosted VeloCloud Orchestrators have been patched for this issue.

December 23, 2025

NOTICE: VeloCloud is now an Arista product.
Arista Networks has reposted this advisory that was originally posted by VMware October 16, 2019

The VeloCloud Orchestrator parameter authorization check mistakenly allows enterprise users to obtain information of Managed Service Provider accounts. 

December 23, 2025

NOTICE: VeloCloud is now an Arista product.
Arista Networks has reposted this advisory that was originally posted by VMware May 13, 2018

Unauthenticated Command Injection vulnerability in VMware SD-WAN Edge by VeloCloud

December 16, 2025

On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSFPv3 process to have high CPU utilization which may result in the OSFPv3 process being restarted. This may cause disruption in the OSFPv3 routes on the switch.

This issue was discovered internally by Arista and is not aware of any malicious uses of this issue in customer networks.

November 18, 2025

On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being processed. There is no impact to non-IPsec traffic or to IPsec traffic not originating or terminating on the system.

November 18, 2025

The following issues were discovered during regular penetration testing of Arista’s EOS. Issues detailed cover CloudVision Exchange (CVX) based features including Media Control Services (MCS)

1. CVE-2025-5088 - An authenticated Redis session could be used to obtain full root access to all servers in the CVX cluster
2. CVE-2025-5089 - Malformed messages received from the connected CVX server can cause SysDB agent crashes.
3. CVE-2025-5090 - Unexpected messages from a connected switch may lead to agent crashes on CVX causing instability in the CVX cluster.

These issues were discovered during Arista sponsored penetration testing and Arista is not aware of any malicious uses of this issue in customer networks.

November 11, 2025

On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.

This issue was discovered internally by Arista and is not aware of any malicious uses of this issue in customer networks.

October 22, 2025

The following issues were discovered in Arista DANZ Monitoring Fabric (DMF). These issues affect DMF, Converged Cloud Fabric (CCF), CloudVision Appliance (CVA), and Multi-Cloud Director (MCD).

1. CVE-2025-54545 Local privilege escalation from the CLI
2. CVE-2025-54546 SSH Port forwarding available to restricted users
3. CVE-2025-54547 In multiplexed ssh, sftp/scp operations possible after session timeout
4. CVE-2025-54548 Config database visible to restricted users through debug API
5. CVE-2025-54549 Update image verification bypass