CVE-2026-7473
Arista EOS Tunnel Decapsulation Misconfiguration Leads to Packet Forwarding
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Arista Networks, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| arista | arista_eos | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1023 | The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs on Arista EOS platforms that have tunnel decapsulation configurations such as VXLAN, decap-groups, or GRE tunnel interfaces. The switch incorrectly decapsulates and forwards tunneled packets that it is not configured to handle if those packets have a destination IP matching the configured decapsulation IP. This happens because the switch does not verify the tunnel protocol type, leading to unexpected processing of non-configured tunnel traffic.
The issue has been reported as exploited in the wild.
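A conceptual model of the comparison described in this answer, as an added example that is not Arista's code or part of the original page: it contrasts a decapsulation decision keyed on destination IP alone with one that also checks the tunnel type, and lists the packets only the former accepts. The function names, the `DECAP_CFG` layout and the sample packets are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# IANA protocol numbers and the IANA-assigned VXLAN UDP port.
PROTO_UDP, PROTO_GRE, VXLAN_PORT = 17, 47, 4789

@dataclass(frozen=True)
class OuterHeader:
    """Outer IP header fields of a received packet (constructed test data)."""
    dst_ip: str
    ip_proto: int
    dst_port: int = 0  # 0 when the outer protocol carries no ports

def tunnel_type(pkt):
    """Classify the outer header as a tunnel type, or None if it is not one."""
    if pkt.ip_proto == PROTO_GRE:
        return "gre"
    if pkt.ip_proto == PROTO_UDP and pkt.dst_port == VXLAN_PORT:
        return "vxlan"
    return None

def decap_ip_only(pkt, decap_cfg):
    """Incomplete comparison (CWE-1023): only the destination IP is checked."""
    return tunnel_type(pkt) is not None and pkt.dst_ip in decap_cfg

def decap_ip_and_type(pkt, decap_cfg):
    """Complete comparison: destination IP and tunnel type must both match."""
    return tunnel_type(pkt) in decap_cfg.get(pkt.dst_ip, set())

def unexpected_decaps(packets, decap_cfg):
    """Packets the IP-only check would decapsulate but the full check rejects."""
    return [p for p in packets
            if decap_ip_only(p, decap_cfg) and not decap_ip_and_type(p, decap_cfg)]

# Hypothetical configuration: one decap IP, VXLAN only (documentation address).
DECAP_CFG = {"192.0.2.10": {"vxlan"}}

# Constructed sample traffic.
SAMPLE = [
    OuterHeader("192.0.2.10", PROTO_UDP, VXLAN_PORT),  # configured: VXLAN
    OuterHeader("192.0.2.10", PROTO_GRE),              # GRE, not configured
    OuterHeader("192.0.2.20", PROTO_GRE),              # not a decap IP
    OuterHeader("192.0.2.10", PROTO_UDP, 53),          # not tunnel traffic
]

if __name__ == "__main__":
    for p in unexpected_decaps(SAMPLE, DECAP_CFG):
        print("unexpected decapsulation candidate:", p)
```

The same two-factor test (destination IP plus tunnel type) can be applied to flow records or packet captures taken upstream of the switch to find traffic that reaches a decapsulation IP with a tunnel type that is not configured there.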
How can this vulnerability impact me?
The vulnerability can lead to the switch processing and forwarding tunneled packets that it should not handle, potentially causing unexpected network behavior or traffic leakage. This could allow attackers to bypass intended network segmentation or security controls by exploiting the incorrect decapsulation, possibly leading to information disclosure or unauthorized network access.