CVE-2025-2796Networks EOS vulnerability

3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 64.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Arista Networks EOS
Timeline
PublishedMay 27
Latest updateMay 28

Description

On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be forwarded due to this vulnerability. Note: this issue does not affect VXLANSec or MACSec encryption functionality.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

CVEListV5arista_networks/eos4.33.04.33.2F

🔴Vulnerability Details

2
GHSA
GHSA-2pf3-qwcm-2m4r: On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpec2025-05-28
CVEList
On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate2025-05-27
CVE-2025-2796 — Arista Networks EOS vulnerability | cvebase