CVE-2025-6188
Severity
7.5HIGH
EPSS
0.0%
top 87.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 25
Latest updateAug 26
Description
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6
Affected Packages1 packages
🔴Vulnerability Details
2GHSA▶
GHSA-hjjq-j76f-mvq4: On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS↗2025-08-26
CVEList▶
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpecte↗2025-08-25