Configuration Bypass Vulnerability in Arista EOS Network Switch by Arista Networks
CVE-2025-1260

9.1CRITICAL

Key Information:

Vendor: Arista Networks
Status: Eos
Vendor: CVE Published:; 4 March 2025

🔔 Create Arista Networks Vulnerability Alert

What is CVE-2025-1260?

A configuration bypass vulnerability exists in Arista EOS when OpenConfig is configured. A gNOI request can execute on affected devices when it should have been denied. This flaw may lead to unintended configurations or operations being executed on the network switch, potentially compromising network integrity and performance.

Affected Version(s)

EOS 4.33.0 <= 4.33.1

EOS 4.32.0 <= 4.32.3

EOS 4.31.0 <= 4.31.5

References

https://www.arista.com/en/support/advisories-notices/secu...

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 4, 2025
Vulnerability Reserved
Feb 12, 2025