Arista Products Upgrade Image Verification Bypass Vulnerability
Vulnerability
A vulnerability exists in multiple Arista products, including Danz Monitoring Fabric (DMF), Converged Cloud Fabric (CCF), CloudVision Appliance (CVA), and Multi-Cloud Director (MCD), that allows the cryptographic validation of upgrade images to be bypassed. The bypass is achieved by placing a specially crafted file into the upgrade ISO. Affected versions include DMF 8.7.0, CCF 6.2.4 and below, all versions of CVA 7.0.x, and MCD 2.4.0 and below.
Impact
Exploitation of this vulnerability could lead to the installation of unauthorized or tampered software upgrade images, potentially allowing for further exploitation or manipulation of the system.
Remediation
Until a fixed version is installed, users can manually compare the hash values of downloaded upgrade images against those published on the Arista website. If the hash values do not match, this may indicate a compromise. It is also recommended to upgrade to a fixed version as soon as possible.
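The manual hash comparison described above, as an added example that is not Arista's tooling: it streams the image through SHA-256, looks the file up in a published checksum list (assumed here to be in the common `sha256sum` "<hex>  <filename>" layout), and treats an unlisted image as a failure rather than a pass. The file names and hash list are constructed for the demo.

```python
import hashlib
import hmac
import os
import tempfile

def sha256_of_file(path):
    """Lowercase hex SHA-256 of a file, hashed in 1 MiB chunks (ISOs are large)."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def parse_published_hashes(text):
    """Parse sha256sum-style lines ('<hex>  <filename>') into {filename: hex}."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            table[parts[1].lstrip("*")] = parts[0].lower()  # '*' prefix = binary mode
    return table

def verify_image(image_path, published):
    """True only if the digest equals the published entry; no entry is a failure."""
    expected = published.get(os.path.basename(image_path))
    if expected is None or len(expected) != 64:
        return False
    return hmac.compare_digest(sha256_of_file(image_path), expected)

def demo():
    """Constructed sample: a genuine tiny 'image' and a tampered copy with the same name."""
    base = tempfile.mkdtemp()
    os.mkdir(os.path.join(base, "tampered"))
    good = os.path.join(base, "dmf-upgrade.iso")  # hypothetical file name
    bad = os.path.join(base, "tampered", "dmf-upgrade.iso")
    with open(good, "wb") as f:
        f.write(b"abc")  # SHA-256("abc") = ba7816bf...0015ad
    with open(bad, "wb") as f:
        f.write(b"abc\x00")  # one extra byte: any planted file changes the image digest
    published = parse_published_hashes(
        "# constructed list, not Arista's published values\n"
        "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad  dmf-upgrade.iso\n"
    )
    return verify_image(good, published), verify_image(bad, published)
```

Only an image whose digest matches its published entry should be handed to the upgrade process; a mismatch or a missing entry means the image is not trusted.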
