Arista Networks EOS vulnerabilities
35 known vulnerabilities affecting arista_networks/eos.
Total CVEs: 35
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 1
Severity breakdown: CRITICAL 4, HIGH 12, MEDIUM 17, LOW 2
Vulnerabilities
CVE-2026-7473 | P1 | MEDIUM | CVSS 5.8 | KEV | CWE-1023 | v4.36.0 | ≥ 4.35.0, ≤ 4.35 | +5 more | 2026-06-05
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packets with a destination IP matching its configured decapsulation
Source: NVD
CVE-2024-27890 | P2 | CRITICAL | CVSS 9.6 | CWE-306 | ≥ 4.29.0, ≤ 4.29.7M | ≥ 4.28.0, ≤ 4.28.10M | +4 more | 2026-06-04
On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch.
Source: NVD
CVE-2024-27892 | P3 | CRITICAL | CVSS 9.6 | CWE-306 | ≥ 4.31.0, ≤ 4.31.2F | ≥ 4.30.0, ≤ 4.30.5M | +6 more | 2026-06-04
On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch.
Source: NVD
CVE-2021-28506 | P3 | CRITICAL | CVSS 9.1 | CWE-285 | ≥ 4.26.2F, ≤ 4.26.0 | ≥ 4.25.5.1M, ≤ 4.25.5 | +3 more | 2022-01-14
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.
Source: NVD
CVE-2025-1260 | P3 | CRITICAL | CVSS 9.1 | CWE-284 | ≥ 4.33.0, ≤ 4.33.1 | ≥ 4.32.0, ≤ 4.32.3 | +4 more | 2025-03-04
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/operations being applied to the switch.
Source: NVD
CVE-2025-6188 | P3 | HIGH | CVSS 7.5 | CWE-290 | ≥ 4.33.0, ≤ 4.33.1F | ≥ 4.33.1.0, ≤ 4.33.1.2F | +3 more | 2025-08-25
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.
Source: NVD
CVE-2025-1259 | P3 | HIGH | CVSS 7.7 | CWE-284 | ≥ 4.33.0, ≤ 4.33.1 | ≥ 4.32.0, ≤ 4.32.3 | +4 more | 2025-03-04
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available
Source: NVD
CVE-2024-9448 | P3 | HIGH | CVSS 7.5 | CWE-1284 | ≥ 4.33.0, ≤ 4.33.0F | ≥ 4.32.0, ≤ 4.32.3M | +2 more | 2025-05-08
On affected platforms running Arista EOS with Traffic Policies configured, the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the rule was not in place. This could lead to packets being
Source: NVD
CVE-2025-8873 | P3 | HIGH | CVSS 7.5 | CWE-1286 | ≥ 4.33.0M, ≤ 4.33.4M | ≥ 4.32.0M, ≤ 4.32.6.1M | +3 more | 2026-06-04
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition and attempt to reset the IPsec processing pipeline. After reset, traffic may not resume being processed. There is no impact to non-IPsec traffic or to IPsec
Source: NVD
CVE-2021-28505 | P3 | HIGH | CVSS 7.5 | CWE-284 | ≥ 4.26.3M, ≤ 4.26.0 | ≥ 4.27.0F, ≤ 4.27.0 | 2022-04-14
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
Source: NVD
CVE-2023-24511 | P3 | HIGH | CVSS 7.5 | CWE-401 | v4.28.0 4.28.5.1M | v4.27.0 4.27.8.1M | +4 more | 2023-04-12
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulner
Source: NVD
CVE-2021-28504 | P3 | HIGH | CVSS 7.5 | CWE-284 | ≥ 4.26.3F, ≤ 4.26.0 | ≥ 4.27.0F, ≤ 4.27.0 | 2022-04-01
On Arista Strata family products which have the “TCAM profile” feature enabled, when a Port IPv4 access-list has a rule which matches on “vxlan” as protocol, that rule and subsequent rules (rules declared after it in the ACL) do not match on the IP protocol field as expected.
Source: NVD
CVE-2023-5502 | P3 | MEDIUM | CVSS 5.9 | CWE-287 | ≥ 4.31.0, ≤ 4.31.0F | ≥ 4.30.0, ≤ 4.30.4M | +6 more | 2026-06-04
On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication.
Source: NVD
CVE-2025-0936 | P3 | MEDIUM | CVSS 6.5 | CWE-256 | ≥ 4.33.0, ≤ 4.33.1 | ≥ 4.32.0, ≤ 4.32.3M | +2 more | 2025-05-07
On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers (i.e. TACACS, RADIUS, etc).
Source: NVD
CVE-2021-28510 | P3 | HIGH | CVSS 7.5 | CWE-400 | v4.22 | ≥ 4.27.1, ≤ 4.27.0 | +4 more | 2023-01-26
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
Source: NVD
CVE-2023-24545 | P3 | HIGH | CVSS 7.5 | CWE-400 | ≥ 4.29.0, ≤ 4.29.1F | ≥ 4.28.0, ≤ 4.28.4M | +2 more | 2023-04-12
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
Source: NVD
CVE-2023-24513 | P3 | HIGH | CVSS 7.5 | CWE-126 | ≥ 4.29.0, ≤ 4.29.1F | ≥ 4.28.0, ≤ 4.28.5M | +2 more | 2023-04-12
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
Source: NVD
CVE-2023-3646 | P3 | HIGH | CVSS 7.5 | CWE-125 | ≥ 4.28.2F, ≤ 4.28.5.1M | ≥ 4.29.0, ≤ 4.29.1F | 2023-08-29
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.
Source: NVD
CVE-2025-8872 | P3 | MEDIUM | CVSS 6.5 | CWE-400 | ≥ 4.34.0, ≤ 4.34.1F | ≥ 4.33.0, ≤ 4.33.4M | +3 more | 2025-12-16
On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSPFv3 process to have high CPU utilization which may result in the OSPFv3 process being restarted. This may cause disruption in the OSPFv3 routes on the switch.
This issue was discovered internally by Arista, and Arista is not aware of any malicious use
Source: NVD
CVE-2024-5872 | P4 | MEDIUM | CVSS 6.5 | ≥ 4.32.0F, ≤ 4.32.2F | ≥ 4.31.0M, ≤ 4.31.4M | +3 more | 2025-01-10
On affected platforms running Arista EOS, a specially crafted packet with an incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc.
Source: NVD