PatchSiren cyber security CVE debrief
CVE-2026-25623 Arista Networks CVE debrief
CVE-2026-25623 is a HIGH severity vulnerability in Arista Edge Threat Management - Arista Next Generation Firewall . An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions.
- Vendor
- Arista Networks
- Product
- Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)
- CVSS
- HIGH 7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-05
- Original CVE updated
- 2026-06-08
- Advisory published
- 2026-06-05
- Advisory updated
- 2026-06-08
Who should care
Users of Arista Edge Threat Management - Arista Next Generation Firewall
Technical summary
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions.
Defensive priority
HIGH
Recommended defensive actions
- Apply the mitigation or patch as recommended by the vendor: [Mitigation or vendor reference](resourceLinkAnnotations.ref-4)
Evidence notes
The CVE was published on 2026-06-05T20:17:30.980Z and modified on 2026-06-08T19:10:25.753Z.
Official resources
-
CVE-2026-25623 CVE record
CVE.org
-
CVE-2026-25623 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-25623 was published on 2026-06-05T20:17:30.980Z and modified on 2026-06-08T19:10:25.753Z.