Home

Description

On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.

PUBLISHED Reserved 2025-06-16 | Published 2025-08-25 | Updated 2025-08-27 | Assigner Arista




HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Problem types

288

Product status

Default status
unaffected

4.33.0
affected

4.33.1.0
affected

4.32.4.0
affected

4.31.0
affected

4.30.0
affected

Credits

This issue was discovered externally and responsibly reported to Arista by Chris Laffin of automattic.com. finder

References

www.arista.com/...rity-advisory/22021-security-advisory-0121

cve.org (CVE-2025-6188)

nvd.nist.gov (CVE-2025-6188)

Download JSON