6.9

CVE-2026-7473

Warnung
Medienbericht

Arista EOS Unexpected Tunnel Protocol Decapsulation and Forwarding Bypass

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a destination IP matching its configured decapsulation IP. This occurs because the switch does not verify the tunnel protocol type, potentially leading to the unexpected processing of non-configured tunnel traffic.



This issue has been reported as being exploited in the wild.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AristaEos
   Arista7020sr-24c2 Version-
   Arista7020sr-32c2 Version-
   Arista7020srg-24c2 Version-
   Arista7020tr-48 Version-
   Arista7020tra-48 Version-
   Arista7280cr-48 Version-
   Arista7280cr2-60 Version-
   Arista7280cr2a-30 Version-
   Arista7280cr2a-60 Version-
   Arista7280cr2k-30 Version-
   Arista7280cr2k-60 Version-
   Arista7280cr2m-30 Version-
   Arista7280cr3-32d4 Version-
   Arista7280cr3-32p4 Version-
   Arista7280cr3-36s Version-
   Arista7280cr3-96 Version-
   Arista7280cr3a-24d12 Version-
   Arista7280cr3a-48d6 Version-
   Arista7280cr3a-72 Version-
   Arista7280cr3ak-24d12 Version-
   Arista7280cr3ak-48d6 Version-
   Arista7280cr3ak-72 Version-
   Arista7280cr3am-24d12 Version-
   Arista7280cr3am-48d6 Version-
   Arista7280cr3am-72 Version-
   Arista7280cr3mk-32d4s Version-
   Arista7280cr3mk-32p4s Version-
   Arista7280dr3-24 Version-
   Arista7280dr3a-36 Version-
   Arista7280dr3a-54 Version-
   Arista7280dr3ak-36 Version-
   Arista7280dr3ak-54 Version-
   Arista7280dr3am-36 Version-
   Arista7280dr3am-54 Version-
   Arista7280pr3-24 Version-
   Arista7280qr-c36 Version-
   Arista7280qr-c36-m Version-
   Arista7280qr-c72 Version-
   Arista7280qra-c36s Version-
   Arista7280qra-c36sm Version-
   Arista7280sr-48c6 Version-
   Arista7280sr2-48yc6 Version-
   Arista7280sr2-48yc6-m Version-
   Arista7280sr2a-48yc6 Version-
   Arista7280sr2a-48yc6-m Version-
   Arista7280sr2k-48c6-m Version-
   Arista7280sr3-40yc6 Version-
   Arista7280sr3-48yc8 Version-
   Arista7280sr3m-48yc8 Version-
   Arista7280sra-48c6 Version-
   Arista7280sra-48c6-m Version-
   Arista7280sram-48c6 Version-
   Arista7280srm-40cx2 Version-
   Arista7280tr-48c6 Version-
   Arista7280tr3-40c6 Version-
   Arista7280tra-48c6 Version-
   Arista7280tra-48c6-m Version-
   Arista7289r3a-sc Version-
   Arista7289r3ak-sc Version-
   Arista7289r3am-sc Version-
   Arista7500r-36cq-lc Version-
   Arista7500r-36q-lc Version-
   Arista7500r-48s2cq-lc Version-
   Arista7500r-8cfpx-lc Version-
   Arista7500r2-36cq-lc Version-
   Arista7500r2a-36cq-lc Version-
   Arista7500r2ak-36cq-lc Version-
   Arista7500r2ak-48ycq-lc Version-
   Arista7500r2am-36cq-lc Version-
   Arista7500r2m-36cq-lc Version-
   Arista7500r3-24d Version-
   Arista7500r3-24p Version-
   Arista7500r3-36cq Version-
   Arista7500r3k-36cq Version-
   Arista7500r3k-48y4d Version-
   Arista7500rm-36cq-lc Version-
   Arista7504r-fm Version-
   Arista7504r3 Version-
   Arista7508r-fm Version-
   Arista7508r3 Version-
   Arista7512r-fm Version-
   Arista7512r3 Version-
   Arista7516-sup2 Version-
   Arista7516n-ch Version-
   Arista7516r-fm Version-
   Arista7800r3-36d Version-
   Arista7800r3-48cq Version-
   Arista7800r3a-36d Version-
   Arista7800r3a-36dm Version-
   Arista7800r3a-36p Version-
   Arista7800r3a-36pm Version-
   Arista7800r3ak-36dm Version-
   Arista7800r3ak-36pm Version-
   Arista7800r3k-48cq Version-
   Arista7800r3k-48cqms Version-
   Arista7800r3k-72y Version-
   Arista7804r3 Version-
   Arista7808r3 Version-
   Arista7812r3 Version-
   Arista7816lr3 Version-
   Arista7816r3 Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login

09.06.2026: CISA Known Exploited Vulnerabilities (KEV) Catalog

Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability

Schwachstelle

Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch incorrectly decapsulate and forwards other unexpected tunneled packet with a destination IP matching its configured decapsulation IP.

Beschreibung

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.84% 0.53
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@arista.com 6.9 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
psirt@arista.com 5.8 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CWE-1023 Incomplete Comparison with Missing Factors

The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
10.06.2026 17:43
https://www.arista.com/en/support/advisories-notices/security-advisory/22872-security-advisory-0137
Broken Link
https://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137
Vendor Advisory
Mitigation
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-7473
US Government Resource