FILTERING BY: CLEAR FILTER

Arista Networks EOS: Unexpected Tunnel Protocol Decapsulation and Forwarding Bypass CVE-2026-7473

CVE-2026-7473 is a critical vulnerability in Arista EOS caused by deficient packet validation during the decapsulation of tunnel protocol traffic. Attackers can utilize specially crafted VXLAN or GRE headers to trick the system into bypassing protocol verification, effectively decapsulating packets and forwarding them into restricted network segments. This flaw allows for a complete bypass of network segmentation and isolation controls, enabling unauthorized lateral movement across secure zones. CISA has confirmed active exploitation in the wild, necessitating immediate firmware updates to EOS versions specified in Arista Security Advisory 24005-0137 to prevent unauthorized access to protected environments.


LINK COPIED TO CLIPBOARD