Arista EOS IPsec Tunnel Sequence Number Mismatch via Interface Flaps when Anti-Replay is Disabled
CVE-2026-2379

8.2HIGH

Key Information:

Vendor: Arista Networks
Status: Eos
Vendor: CVE Published:; 5 June 2026

🔔 Create Arista Networks Vulnerability Alert

What is CVE-2026-2379?

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulting in sequence number mismatches between tunnel endpoints potentially causing unstable communication.

Affected Version(s)

EOS 7280R3 Series with IPsec (DCS-7280SR3AK 4.34.0 <= 4.34.3M

EOS 7280R3 Series with IPsec (DCS-7280SR3AK 4.33.0M <= 4.33.5M

EOS 7280R3 Series with IPsec (DCS-7280SR3AK 4.32.0M <= 4.32.7M

References

https://www.arista.com/en/support/advisories-notices/secu...

vendor-advisory

CVSS V4

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2026
Vulnerability Reserved
Feb 11, 2026

CVE-2026-2379 Data

JSON