Vulnerability-Lookup

CVE-2025-5090 (GCVE-0-2025-5090)

Vulnerability from cvelistv5 – Published: 2026-06-05 15:49 – Updated: 2026-06-09 14:37

Title

Arista CloudVision Exchange Cluster Instability via Unexpected Switch Messages

Summary

CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7.1 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-20 - Improper Input Validation

Assigner

Arista

References

1 reference

URL	Tags
https://www.arista.com/en/support/advisories-noti…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Arista Networks	EOS / CloudVision eXchange (CVX)	Affected: 4.34.0F , ≤ 4.34.1F (custom) Affected: 4.33.0M , ≤ 4.33.4M (custom) Affected: 4.32.0M , ≤ 4.32.6M (custom) Affected: 4.31.0 , < 4.32.0 (custom) Affected: 4.30.0 , < 4.31.0 (custom)

Date Public

2025-11-18 16:46

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5090",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T14:08:56.120293Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T14:37:26.091Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "CloudVision eXchange",
            "virtual or physical appliance"
          ],
          "product": "EOS / CloudVision eXchange (CVX)",
          "vendor": "Arista Networks",
          "versions": [
            {
              "lessThanOrEqual": "4.34.1F",
              "status": "affected",
              "version": "4.34.0F",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.33.4M",
              "status": "affected",
              "version": "4.33.0M",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.32.6M",
              "status": "affected",
              "version": "4.32.0M",
              "versionType": "custom"
            },
            {
              "lessThan": "4.32.0",
              "status": "affected",
              "version": "4.31.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.31.0",
              "status": "affected",
              "version": "4.30.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIn order to be vulnerable to CVE-2025-5090, the following condition must be met: CVX must be configured:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ecvx1#show cvx\n  Status: Enabled\n  Mode: Standalone\n  Heartbeat interval: 20.0\n  Heartbeat timeout: 60.0\n  Client connection state preserving: Disabled\n  \ncvx1#show running-config section cvx\ncvx\n   no shutdown\u003c/code\u003e\u003c/pre\u003e"
            }
          ],
          "value": "In order to be vulnerable to CVE-2025-5090, the following condition must be met: CVX must be configured:\n\n\n\n\ncvx1#show cvx\n  Status: Enabled\n  Mode: Standalone\n  Heartbeat interval: 20.0\n  Heartbeat timeout: 60.0\n  Client connection state preserving: Disabled\n  \ncvx1#show running-config section cvx\ncvx\n   no shutdown"
        }
      ],
      "datePublic": "2025-11-18T16:46:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eCVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX.\u003c/p\u003e"
            }
          ],
          "value": "CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-05T15:49:27.770Z",
        "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
        "shortName": "Arista"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. CVE-2025-5090 has been fixed in the following releases:\u003c/p\u003e\n\u003cul\u003e\n  \u003cli\u003e4.34.2F and later releases in the 4.34.x train\u003c/li\u003e\n  \u003cli\u003e4.33.5M and later releases in the 4.33.x train\u003c/li\u003e\n  \u003cli\u003e4.32.7M and later releases in the 4.32.x train\u003c/li\u003e\n\u003c/ul\u003e"
            }
          ],
          "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. CVE-2025-5090 has been fixed in the following releases:\n\n\n\n    *  4.34.2F and later releases in the 4.34.x train\n\n    *  4.33.5M and later releases in the 4.33.x train\n\n    *  4.32.7M and later releases in the 4.32.x train"
        }
      ],
      "source": {
        "advisory": "0126",
        "defect": [
          "BUG1139764"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Arista CloudVision Exchange Cluster Instability via Unexpected Switch Messages",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThere is no mitigation for this issue.\u003c/p\u003e"
            }
          ],
          "value": "There is no mitigation for this issue."
        }
      ],
      "x_capecAlignment": {
        "capecId": "CAPEC-125",
        "capecName": "Flooding / Malformed Packet",
        "justification": "An attacker with high privilege access over a downstream switch can emit unexpected or malformed TCP packets causing state management code on CVX (ControllerOob/Controllerdb) to throw unhandled faults, leading to ongoing client deregistration cycles and cluster instability."
      },
      "x_generator": {
        "engine": "Vulnogram"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
    "assignerShortName": "Arista",
    "cveId": "CVE-2025-5090",
    "datePublished": "2026-06-05T15:49:27.770Z",
    "dateReserved": "2025-05-22T16:26:48.444Z",
    "dateUpdated": "2026-06-09T14:37:26.091Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-5090",
      "date": "2026-06-09",
      "epss": "0.00044",
      "percentile": "0.13793"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-5090\",\"sourceIdentifier\":\"psirt@arista.com\",\"published\":\"2026-06-05T17:16:30.347\",\"lastModified\":\"2026-06-05T19:03:48.933\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@arista.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"psirt@arista.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@arista.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"references\":[{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126\",\"source\":\"psirt@arista.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-5090\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-09T14:08:56.120293Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-09T14:09:28.208Z\"}}], \"cna\": {\"title\": \"Arista CloudVision Exchange Cluster Instability via Unexpected Switch Messages\", \"source\": {\"defect\": [\"BUG1139764\"], \"advisory\": \"0126\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7.1, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Arista Networks\", \"product\": \"EOS / CloudVision eXchange (CVX)\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.34.0F\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.34.1F\"}, {\"status\": \"affected\", \"version\": \"4.33.0M\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.33.4M\"}, {\"status\": \"affected\", \"version\": \"4.32.0M\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.32.6M\"}, {\"status\": \"affected\", \"version\": \"4.31.0\", \"lessThan\": \"4.32.0\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"4.30.0\", \"lessThan\": \"4.31.0\", \"versionType\": \"custom\"}], \"platforms\": [\"CloudVision eXchange\", \"virtual or physical appliance\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The recommended resolution is to upgrade to a remediated software version at your earliest convenience. CVE-2025-5090 has been fixed in the following releases:\\n\\n\\n\\n    *  4.34.2F and later releases in the 4.34.x train\\n\\n    *  4.33.5M and later releases in the 4.33.x train\\n\\n    *  4.32.7M and later releases in the 4.32.x train\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. CVE-2025-5090 has been fixed in the following releases:\u003c/p\u003e\\n\u003cul\u003e\\n  \u003cli\u003e4.34.2F and later releases in the 4.34.x train\u003c/li\u003e\\n  \u003cli\u003e4.33.5M and later releases in the 4.33.x train\u003c/li\u003e\\n  \u003cli\u003e4.32.7M and later releases in the 4.32.x train\u003c/li\u003e\\n\u003c/ul\u003e\", \"base64\": false}]}], \"datePublic\": \"2025-11-18T16:46:00.000Z\", \"references\": [{\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There is no mitigation for this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThere is no mitigation for this issue.\u003c/p\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eCVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"In order to be vulnerable to CVE-2025-5090, the following condition must be met: CVX must be configured:\\n\\n\\n\\n\\ncvx1#show cvx\\n  Status: Enabled\\n  Mode: Standalone\\n  Heartbeat interval: 20.0\\n  Heartbeat timeout: 60.0\\n  Client connection state preserving: Disabled\\n  \\ncvx1#show running-config section cvx\\ncvx\\n   no shutdown\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eIn order to be vulnerable to CVE-2025-5090, the following condition must be met: CVX must be configured:\u003c/p\u003e\\n\u003cpre\u003e\u003ccode\u003ecvx1#show cvx\\n  Status: Enabled\\n  Mode: Standalone\\n  Heartbeat interval: 20.0\\n  Heartbeat timeout: 60.0\\n  Client connection state preserving: Disabled\\n  \\ncvx1#show running-config section cvx\\ncvx\\n   no shutdown\u003c/code\u003e\u003c/pre\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7\", \"shortName\": \"Arista\", \"dateUpdated\": \"2026-06-05T15:49:27.770Z\"}, \"x_capecAlignment\": {\"capecId\": \"CAPEC-125\", \"capecName\": \"Flooding / Malformed Packet\", \"justification\": \"An attacker with high privilege access over a downstream switch can emit unexpected or malformed TCP packets causing state management code on CVX (ControllerOob/Controllerdb) to throw unhandled faults, leading to ongoing client deregistration cycles and cluster instability.\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-5090\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-09T14:37:26.091Z\", \"dateReserved\": \"2025-05-22T16:26:48.444Z\", \"assignerOrgId\": \"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7\", \"datePublished\": \"2026-06-05T15:49:27.770Z\", \"assignerShortName\": \"Arista\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2025-5090

Vulnerability from fkie_nvd - Published: 2026-06-05 17:16 - Updated: 2026-06-05 19:03

Severity

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@arista.com	https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX."
    }
  ],
  "id": "CVE-2025-5090",
  "lastModified": "2026-06-05T19:03:48.933",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "psirt@arista.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "psirt@arista.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-06-05T17:16:30.347",
  "references": [
    {
      "source": "psirt@arista.com",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126"
    }
  ],
  "sourceIdentifier": "psirt@arista.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@arista.com",
      "type": "Secondary"
    }
  ]
}

GHSA-3HCX-J6WP-VH2Q

Vulnerability from github – Published: 2026-06-05 18:31 – Updated: 2026-06-05 18:31

Details

Severity

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7.1 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-5090"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-05T17:16:30Z",
    "severity": "HIGH"
  },
  "details": "CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX.",
  "id": "GHSA-3hcx-j6wp-vh2q",
  "modified": "2026-06-05T18:31:39Z",
  "published": "2026-06-05T18:31:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5090"
    },
    {
      "type": "WEB",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

NCSC-2025-0374

Vulnerability from csaf_ncscnl - Published: 2025-11-20 11:48 - Updated: 2025-11-20 11:48

Summary

Kwetsbaarheden verholpen in Arista EOS

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Arista heeft kwetsbaarheden verholpen in de Arista EOS-platform.

Interpretaties: De kwetsbaarheden zijn gerelateerd aan de verwerking van verkeerd gevormde berichten, wat kan leiden tot systeemcrashes en Denial-of-Service-omstandigheden. Aanvallers met hoge privileges kunnen deze kwetsbaarheden misbruiken, wat leidt tot ernstige operationele verstoringen. Daarnaast kan het verzenden van willekeurige bytes naar het CVX-systeem de ControllerOob-agent laten herstarten, wat ook kan resulteren in een Denial-of-Service. Bovendien heeft de Arista EOS-platform een kwetsbaarheid die systemen met IPsec beïnvloedt, waardoor de dataplane stopt met het verwerken van al het IPsec-verkeer. Dit kan een systeemreset vereisen, zonder garantie op herstel van de verkeersverwerking. Voor misbruik heeft de kwaadwillende geen authenticatie nodig. Tot slot kan een geauthenticeerde Redis-sessie volledige roottoegang krijgen tot alle servers binnen de CVX-cluster, wat een ernstige bedreiging vormt voor de beveiliging.

Oplossingen: Arista heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-20: Improper Input Validation

CWE-269: Improper Privilege Management

CWE-1286: Improper Validation of Syntactic Correctness of Input

CVE-2025-5089

The EOS switch and CVX server are susceptible to crashes and denial of service due to vulnerabilities in handling malformed messages, which can be exploited by high privilege attackers.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* Arista Networks / EOS		vers:unknown/*

CVE-2025-5090

Sending random bytes to CVX can cause the ControllerOob agent to restart, potentially leading to a denial of service if this action is repeated continuously.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* Arista Networks / EOS		vers:unknown/*

CVE-2025-8873

A vulnerability in Arista EOS with IPsec configured can halt the dataplane's processing of IPsec traffic, potentially necessitating a reset that may not restore functionality.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* Arista Networks / EOS		vers:unknown/*

CVE-2025-5088

CVE-2025-5088 enables an authenticated Redis session to achieve full root access across all servers in the CVX cluster, necessitating network access and the Redis password, with communications currently in plaintext.

8.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* Arista Networks / EOS		vers:unknown/*

References

6 references

URL	Category
https://www.arista.com/en/support/advisories-noti…	external
https://www.arista.com/en/support/advisories-noti…	external
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Arista heeft kwetsbaarheden verholpen in de Arista EOS-platform.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden zijn gerelateerd aan de verwerking van verkeerd gevormde berichten, wat kan leiden tot systeemcrashes en Denial-of-Service-omstandigheden. Aanvallers met hoge privileges kunnen deze kwetsbaarheden misbruiken, wat leidt tot ernstige operationele verstoringen. Daarnaast kan het verzenden van willekeurige bytes naar het CVX-systeem de ControllerOob-agent laten herstarten, wat ook kan resulteren in een Denial-of-Service. Bovendien heeft de Arista EOS-platform een kwetsbaarheid die systemen met IPsec be\u00efnvloedt, waardoor de dataplane stopt met het verwerken van al het IPsec-verkeer. Dit kan een systeemreset vereisen, zonder garantie op herstel van de verkeersverwerking. Voor misbruik heeft de kwaadwillende geen authenticatie nodig. Tot slot kan een geauthenticeerde Redis-sessie volledige roottoegang krijgen tot alle servers binnen de CVX-cluster, wat een ernstige bedreiging vormt voor de beveiliging.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Arista heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Improper Validation of Syntactic Correctness of Input",
        "title": "CWE-1286"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22869-security-advisory-0127"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Arista EOS",
    "tracking": {
      "current_release_date": "2025-11-20T11:48:20.126141Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2025-0374",
      "initial_release_date": "2025-11-20T11:48:20.126141Z",
      "revision_history": [
        {
          "date": "2025-11-20T11:48:20.126141Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "EOS"
          }
        ],
        "category": "vendor",
        "name": "Arista Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-5089",
      "notes": [
        {
          "category": "description",
          "text": "The EOS switch and CVX server are susceptible to crashes and denial of service due to vulnerabilities in handling malformed messages, which can be exploited by high privilege attackers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-5089 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5089.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-5089"
    },
    {
      "cve": "CVE-2025-5090",
      "notes": [
        {
          "category": "description",
          "text": "Sending random bytes to CVX can cause the ControllerOob agent to restart, potentially leading to a denial of service if this action is repeated continuously.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-5090 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5090.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-5090"
    },
    {
      "cve": "CVE-2025-8873",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Syntactic Correctness of Input",
          "title": "CWE-1286"
        },
        {
          "category": "description",
          "text": "A vulnerability in Arista EOS with IPsec configured can halt the dataplane\u0027s processing of IPsec traffic, potentially necessitating a reset that may not restore functionality.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-8873 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-8873.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-8873"
    },
    {
      "cve": "CVE-2025-5088",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        },
        {
          "category": "description",
          "text": "CVE-2025-5088 enables an authenticated Redis session to achieve full root access across all servers in the CVX cluster, necessitating network access and the Redis password, with communications currently in plaintext.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-5088 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5088.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-5088"
    }
  ]
}

WID-SEC-W-2025-2639

Vulnerability from csaf_certbund - Published: 2025-11-18 23:00 - Updated: 2025-11-18 23:00

Summary

Arista EOS: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Arista Extensible Operating System (EOS) ist ein modulares Linux basiertes Netzwerkbetriebssystem.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Arista EOS ausnutzen, um einen Denial of Service Angriff durchzuführen, und um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme: - Linux - UNIX

CVE-2025-5089

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
Arista EOS <4.34.2F Arista / EOS		<4.34.2F
Arista EOS <4.32.7M Arista / EOS		<4.32.7M
Arista EOS <4.33.5M Arista / EOS		<4.33.5M
Arista EOS <4.31.9M Arista / EOS		<4.31.9M

CVE-2025-5090

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
Arista EOS <4.34.2F Arista / EOS		<4.34.2F
Arista EOS <4.32.7M Arista / EOS		<4.32.7M
Arista EOS <4.33.5M Arista / EOS		<4.33.5M
Arista EOS <4.31.9M Arista / EOS		<4.31.9M

CVE-2025-8873

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
Arista EOS <4.34.2F Arista / EOS		<4.34.2F
Arista EOS <4.32.7M Arista / EOS		<4.32.7M
Arista EOS <4.33.5M Arista / EOS		<4.33.5M
Arista EOS <4.31.9M Arista / EOS		<4.31.9M

CVE-2025-5088

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
Arista EOS <4.34.2F Arista / EOS		<4.34.2F
Arista EOS <4.32.7M Arista / EOS		<4.32.7M
Arista EOS <4.33.5M Arista / EOS		<4.33.5M
Arista EOS <4.31.9M Arista / EOS		<4.31.9M

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.arista.com/en/support/advisories-noti…	external
https://www.arista.com/en/support/advisories-noti…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Arista Extensible Operating System (EOS) ist ein modulares Linux basiertes Netzwerkbetriebssystem.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Arista EOS ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, und um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2639 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2639.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2639 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2639"
      },
      {
        "category": "external",
        "summary": "Arista Security Advisory 0126 vom 2025-11-18",
        "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126"
      },
      {
        "category": "external",
        "summary": "Arista Security Advisory 0127 vom 2025-11-18",
        "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22869-security-advisory-0127"
      }
    ],
    "source_lang": "en-US",
    "title": "Arista EOS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-11-18T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-19T12:12:06.146+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-2639",
      "initial_release_date": "2025-11-18T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-11-18T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.34.2F",
                "product": {
                  "name": "Arista EOS \u003c4.34.2F",
                  "product_id": "T048737"
                }
              },
              {
                "category": "product_version",
                "name": "4.34.2F",
                "product": {
                  "name": "Arista EOS 4.34.2F",
                  "product_id": "T048737-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.34.2f"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.33.5M",
                "product": {
                  "name": "Arista EOS \u003c4.33.5M",
                  "product_id": "T048738"
                }
              },
              {
                "category": "product_version",
                "name": "4.33.5M",
                "product": {
                  "name": "Arista EOS 4.33.5M",
                  "product_id": "T048738-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.33.5m"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.32.7M",
                "product": {
                  "name": "Arista EOS \u003c4.32.7M",
                  "product_id": "T048739"
                }
              },
              {
                "category": "product_version",
                "name": "4.32.7M",
                "product": {
                  "name": "Arista EOS 4.32.7M",
                  "product_id": "T048739-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.32.7m"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.31.9M",
                "product": {
                  "name": "Arista EOS \u003c4.31.9M",
                  "product_id": "T048740"
                }
              },
              {
                "category": "product_version",
                "name": "4.31.9M",
                "product": {
                  "name": "Arista EOS 4.31.9M",
                  "product_id": "T048740-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.31.9m"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "EOS"
          }
        ],
        "category": "vendor",
        "name": "Arista"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-5089",
      "product_status": {
        "known_affected": [
          "T048737",
          "T048739",
          "T048738",
          "T048740"
        ]
      },
      "release_date": "2025-11-18T23:00:00.000+00:00",
      "title": "CVE-2025-5089"
    },
    {
      "cve": "CVE-2025-5090",
      "product_status": {
        "known_affected": [
          "T048737",
          "T048739",
          "T048738",
          "T048740"
        ]
      },
      "release_date": "2025-11-18T23:00:00.000+00:00",
      "title": "CVE-2025-5090"
    },
    {
      "cve": "CVE-2025-8873",
      "product_status": {
        "known_affected": [
          "T048737",
          "T048739",
          "T048738",
          "T048740"
        ]
      },
      "release_date": "2025-11-18T23:00:00.000+00:00",
      "title": "CVE-2025-8873"
    },
    {
      "cve": "CVE-2025-5088",
      "product_status": {
        "known_affected": [
          "T048737",
          "T048739",
          "T048738",
          "T048740"
        ]
      },
      "release_date": "2025-11-18T23:00:00.000+00:00",
      "title": "CVE-2025-5088"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-5090 (GCVE-0-2025-5090)

FKIE_CVE-2025-5090

GHSA-3HCX-J6WP-VH2Q

NCSC-2025-0374

WID-SEC-W-2025-2639

Tags

Sightings

Nomenclature