cbcvebase.
CVE-2021-28510
published 2023-01-26

CVE-2021-28510: For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the…

PriorityP337high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.00%
58.6th percentile
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

Affected

11 ranges
VendorProductVersion rangeFixed in
aristaeos< 4.23.104.23.10
aristaeos>= 4.24.0 < 4.24.84.24.8
aristaeos>= 4.25.0 < 4.25.64.25.6
aristaeos>= 4.26.0 < 4.26.44.26.4
aristaeos>= 4.27.0 < 4.27.14.27.1
arista_networkseos
arista_networkseos4.23.10 – 4.23.0
arista_networkseos4.24.8 – 4.24.0
arista_networkseos4.25.6 – 4.25.0
arista_networkseos4.26.4 – 4.26.0
arista_networkseos4.27.1 – 4.27.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.