PatchSiren cyber security CVE debrief
CVE-2025-8873 Arista Networks CVE debrief
CVE-2025-8873 is a HIGH severity vulnerability in Arista EOS with IPsec configured. A specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition and attempt to reset the IPsec processing pipeline. After reset, traffic may not resume being processed. There is no impact to non-IPsec traffic or to IPsec traffic not originating or terminating on the system. This issue was reported by an Arista customer.
- Vendor
- Arista Networks
- Product
- EOS
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-04
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-06-04
- Advisory updated
- 2026-06-05
Who should care
Users of Arista EOS with IPsec configured should be aware of this vulnerability and take steps to mitigate it.
Technical summary
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being processed. There is no impact to non-IPsec traffic or to IPsec traffic not originating or terminating on the system.
Defensive priority
HIGH
Recommended defensive actions
- Apply the patch or workaround provided by the vendor (see resourceLinkAnnotations 'ref-4')
- Review and update IPsec configurations to prevent exploitation
Evidence notes
The vendor is Arista, as indicated by the source reference (resourceLinkAnnotations 'ref-4') and evidence in the vendor field.
Official resources
-
CVE-2025-8873 CVE record
CVE.org
-
CVE-2025-8873 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2025-8873 was published on 2026-06-04T23:16:48.413Z and modified on 2026-06-05T15:02:34.977Z.