MACsec Configuration Vulnerability in Arista EOS Products
CVE-2025-7048
5.3MEDIUM
What is CVE-2025-7048?
A vulnerability exists in Arista EOS when configured with MACsec, where specially crafted packets can lead to unexpected termination of the MACsec process. This disruption can result in prolonged issues with data traffic, as continuous input of these packets causes instability in the data plane. The threat impacts network reliability significantly, necessitating immediate attention from network administrators running affected configurations.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
EOS 7500R/R2 4.34.3.0 <= 4.34.3.1M
EOS 7500R/R2 4.33.0 <= 4.33.5M
EOS 7500R/R2 4.32.0 <= 4.32.7M
References
CVSS V4
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved