Traffic Policy Misconfiguration in Arista EOS Network Infrastructure
CVE-2024-9448

7.5HIGH

Key Information:

Vendor: Arista Networks
Status: Eos
Vendor: CVE Published:; 8 May 2025

🔔 Create Arista Networks Vulnerability Alert

What is CVE-2024-9448?

A potential vulnerability in Arista EOS allows untagged packets to bypass established Traffic Policy rules. Affected devices may forward these packets without applying the intended security measures, resulting in unintended packet delivery and exposure to network risks. Proper management of Traffic Policies is crucial to prevent data routing errors and maintain network integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

EOS EOS 4.33.0 <= 4.33.0F

EOS EOS 4.32.0 <= 4.32.3M

EOS EOS 4.31.0 <= 4.31.5M

References

https://https://www.arista.com/en/support/advisories-noti...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 8, 2025
Vulnerability Reserved
Oct 2, 2024

JSON

Arista Networks

What is CVE-2024-9448?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.