HIGHVulnerability
Verified
Global
CISA KEV: Arista Extensible Operating System — Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
·Source: CISA KEV
Updated:
Executive Summary
Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch incorrectly decapsulate and forwards other unexpected tunneled packet with a destination IP matching its configured decapsulation IP.
Analysis
Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch incorrectly decapsulate and forwards other unexpected tunneled packet with a destination IP matching its configured decapsulation IP. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-09. Remediation due: 2026-06-23.