Arista EOS Traffic Policy Bypass Vulnerability on 7050X4 and 7358X4 Series Switches

Vulnerability

A vulnerability exists in Arista EOS versions 4.33.0F and below in the 4.33.x train, as well as in 4.32.3M and below in the 4.32.x train, 4.31.5M and below in the 4.31.x train, and 4.30.8M and below in the 4.30.x train. On affected platforms with Traffic Policies configured, untagged packets may not be processed according to the established rules. Packets that should be dropped according to the Traffic Policy will instead be forwarded, potentially leading to unintended delivery to other destinations.

Impact

This vulnerability can cause misrouted packets, allowing them to reach unintended destinations instead of being dropped as specified by the Traffic Policy.

Remediation

Users are advised to upgrade to Arista EOS versions 4.33.1F, 4.32.4M, 4.31.6M, or 4.30.9M. For more information on upgrading, consult the EOS User Manual: Upgrades and Downgrades.
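
The following is an added example, not part of the original advisory or Arista tooling: a triage helper that classifies a switch inventory against the affected trains, fixed releases, platform series and Traffic Policy condition stated above. The inventory format, hostnames, and the operator-supplied series and Traffic Policy fields are assumptions, and any release numbered below a train's fixed release is treated as vulnerable.

```python
import re

# Fixed releases per train, from the advisory's Remediation section.
FIXED_RELEASES = ["4.33.1F", "4.32.4M", "4.31.6M", "4.30.9M"]
# Platform series named in the advisory title.
AFFECTED_SERIES = {"7050X4", "7358X4"}
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:\.(\d+))?[FM]?$")

def parse_eos_version(text):
    """Return ((major, minor), (maintenance, sub)) or None if unparseable."""
    m = VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, maint, sub = (int(g or 0) for g in m.groups())
    return (major, minor), (maint, sub)

# Map each train to (fixed release tuple, fixed release string).
FIXED = {parse_eos_version(v)[0]: (parse_eos_version(v)[1], v) for v in FIXED_RELEASES}

def triage(version, series, traffic_policy_configured):
    """Classify one switch against the advisory's stated conditions."""
    if series not in AFFECTED_SERIES:
        return "not affected: platform not listed"
    parsed = parse_eos_version(version)
    if parsed is None:
        return "review: unparseable version"
    train, release = parsed
    if train not in FIXED:
        return "review: train not covered by advisory"
    fixed_tuple, fixed_name = FIXED[train]
    # Assumption: any release numbered below the fixed one counts as vulnerable.
    if release >= fixed_tuple:
        return "not affected: fixed release"
    if not traffic_policy_configured:
        return f"not exposed: no Traffic Policy configured, upgrade to {fixed_name}"
    return f"affected: upgrade to {fixed_name}"

# Constructed sample inventory: (hostname, EOS version, series, Traffic Policy?)
SAMPLE_INVENTORY = [
    ("leaf1", "4.33.0F", "7050X4", True),
    ("leaf2", "4.32.4M", "7050X4", True),
    ("spine1", "4.31.5M", "7358X4", False),
    ("spine2", "4.29.2F", "7358X4", True),
]

def triage_inventory(inventory):
    return {host: triage(ver, series, tp) for host, ver, series, tp in inventory}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Trains the advisory does not mention are reported for manual review rather than assumed safe.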

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 0.6
exploitability: 7.0
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.