CVE-2026-7473
Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
CVSS
—
Sin CVSS
EPSS
0.8%
p54
KEV
SÍ
9 jun 2026
Exploit Today
66
0-100
Publicado: — · Última mod.: —
Producto
Arista / Extensible Operating System
Vulnerabilidad
Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
Añadido a KEV
9 jun 2026
Remediar antes de
23 jun 2026
Uso conocido en ransomware
No
Descripción resumida
Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch incorrectly decapsulate and forwards other unexpected tunneled packet with a destination IP matching its configured decapsulation IP.
Acción requerida
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notas
https://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137 ; https://nvd.nist.gov/vuln/detail/CVE-2026-7473
Sin CVEs relacionados por CWE o producto.