CVE-2025-2796 – Arista EOS IPsec Anti-Replay Protection Vulnerability

CVE ID : CVE-2025-2796

Published : May 27, 2025, 11:15 p.m. | 23 minutes ago

Description : On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be forwarded due to this vulnerability.

Note: this issue does not affect VXLANSec or MACSec encryption functionality.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…