CVE-2026-2379
Arista EOS IPsec Sequence Number Mismatch Vulnerability
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Arista Networks, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| arista | arista_eos | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-672 | The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Arista EOS running on platforms with hardware IPSec support when certain IPsec features are enabled. In specific situations, such as physical interface flaps or certain agent restarts, the IPsec tunnel may be re-established using existing Security Associations. This can cause sequence number mismatches between the tunnel endpoints, potentially leading to unstable communication.
How can this vulnerability impact me? :
The vulnerability can cause unstable communication over IPsec tunnels due to sequence number mismatches. This instability may disrupt secure network connections, potentially affecting the reliability and availability of services that depend on these IPsec tunnels.