PatchSiren cyber security CVE debrief
CVE-2026-2379 Arista Networks CVE debrief
CVE-2026-2379 is a HIGH severity vulnerability in Arista EOS with a CVSS score of 8.2. On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulting in sequence number mismatches between tunnel endpoints potentially causing unstable communication.
- Vendor
- Arista Networks
- Product
- EOS
- CVSS
- HIGH 8.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-05
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-06-05
- Advisory updated
- 2026-06-05
Who should care
Users of Arista EOS with hardware IPSec support and certain IPsec features enabled should be aware of this vulnerability and take recommended actions.
Technical summary
The vulnerability is caused by unexpected behavior in Arista EOS when certain IPsec features are enabled on affected platforms with hardware IPSec support. This can lead to sequence number mismatches between tunnel endpoints, potentially causing unstable communication.
Defensive priority
HIGH
Recommended defensive actions
- Review and apply the security advisory from Arista: [ref-4](https://www.arista.com/en/support/advisories-notices/security-advisory/23419-security-advisory-0134)
Evidence notes
The CVE record [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-2379) and NVD detail [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-2379) provide additional information on this vulnerability.
Official resources
-
CVE-2026-2379 CVE record
CVE.org
-
CVE-2026-2379 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-2379 was published on 2026-06-05T18:17:05.750Z and modified on 2026-06-05T19:03:48.933Z.