Security Advisory 0139

Security Advisory 0139 PDF Date: May 19, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 19, 2026 | Initial release The CVE-ID tracking this issue: CVE-2025-49844 CVSSv3.1 Base Score: 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSSv4.0 Base Score: 9.4...

Security Advisory 0126

Security Advisory 0126 . CSAF PDF Date: November 18, 2025 Revision | Date | Changes ---|---|--- 1.0 | November 18, 2025 | Initial release The following issues were discovered during regular penetration testing of Arista’s EOS. Issues detailed cover CloudVision Exchange CVX based features includin...

CVE-2020-13100

Arista’s CloudVision eXchange CVX server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service crash and restart in the ControllerOob agent via a malformed control-plane packet...

CVE-2020-13100

Arista’s CloudVision eXchange CVX server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service crash and restart in the ControllerOob agent via a malformed control-plane packet...

CVE-2020-13100

Arista’s CloudVision eXchange CVX server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service crash and restart in the ControllerOob agent via a malformed control-plane packet...

Security Advisory 0052

Security Advisory 0052 PDF Date: October 7th, 2020 Version: 1.0 Revision | Date | Changes ---|---|--- 1.0 | October 7th, 2020 | Initial Release The CVE-ID tracking this issue is: CVE-2020-13100 CVSSv3 Base Score: 7.5/10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Description This advisory...

Arista Networks EOS Multiple Vulnerabilities (SA0018) (DROWN)

The version of Arista Networks EOS running on the remote device is affected by multiple vulnerabilities in the included OpenSSL library : - A cipher algorithm downgrade vulnerability exists due to a flaw that is triggered when handling cipher negotiation. A remote attacker can exploit this to...

Security Advisory 0024

Security Advisory 0024 PDF Date: October 4th, 2016 Version: 1.0 Revision | Date | Changes ---|---|--- 1.0 | October 4th, 2016 | Initial release Arista Products vulnerability report for security vulnerabilities announcement from the OpenSSL project on September 22nd, 2016 Product: EOS and...

Security Advisory 0020

Security Advisory 0020 PDF Date: May 6th, 2016 Version: 1.2 Revision| Date| Changes ---|---|--- 1.0 | May 6th, 2016 | Initial release 1.1 | May 12th, 2016 | Updated to include assessment for CVX and CVP. Change in vulnerability status for CVE-2016-2107. 1.2 | May 20th, 2016 | Updated to include...