CVE-2026-7473
MEDIUMOn affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a destination IP matching its configured decapsulation IP. This occurs because the switch does not verify the tunnel protocol type, potentially leading to the unexpected processing of non-configured tunnel traffic. This issue has been reported as being exploited in the wild.
Published: 6/5/2026Modified: 6/17/2026
Related Intelligence (0)
No articles currently reference this CVE.
References (3)
https://www.arista.com/en/support/advisories-notices/security-advisory/22872-security-advisory-0137Broken Linkhttps://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137MitigationVendor Advisoryhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-7473US Government Resource