CVE-2025-8870

Summary

On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153

Affected Software

VendorProductVersion RangeStatus
Arista NetworksEOS4.34.2FXaffected

Weaknesses

  • CWE-248: CWE-248

Workarounds

The mitigation is to limit access to the serial console.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References