Arista EOS CVE-2026-7473 added to CISA KEV — vendor says no patch coming
Tunnel-decap logic flaw in Arista EOS lets crafted VXLAN/GRE/decap-group packets reach configured decap IPs. Exploited in the wild. Arista will not patch — mitigate with ACLs.
Tunnel-decap logic flaw in Arista EOS lets crafted VXLAN/GRE/decap-group packets reach configured decap IPs. Exploited in the wild. Arista will not patch — mitigate with ACLs.