CVE-2025-7048

CWE-8053 documents3 sources
Severity
5.3MEDIUM
EPSS
0.0%
top 98.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Arista Networks EOS
Timeline
PublishedJan 6

Description

On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5arista_networks/eos4.34.3.04.34.3.1M+4

🔴Vulnerability Details

2
CVEList
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain 2026-01-06
GHSA
GHSA-8wvr-g2vr-63w6: On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly2026-01-06
CVE-2025-7048 (MEDIUM CVSS 5.3) | On affected platforms running Arist | cvebase.io