{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-8872","assignerOrgId":"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7","state":"PUBLISHED","assignerShortName":"Arista","dateReserved":"2025-08-11T18:18:36.004Z","datePublished":"2025-12-16T19:32:20.528Z","dateUpdated":"2025-12-16T19:51:10.033Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["710/710XP Series","720XP/722XPM Series","750X Series","7010 Series","7010X Series","7020R Series","7130 Series running EOS","7150 Series","7160 Series","7170 Series","7050X/X2/X3/X4 Series","7060X/X2/X4/X5/X6 Series","7250X Series","7260X/X3 Series","7280E/R/R2/R3 Series","7300X/X3 Series","7320X Series","7358X4 Series","7368X4 Series","7388X5 Series","7500E/R/R2/R3 Series","7700R4 Series","7800R3/R4 Series","AWE 5000 Series","AWE 7200R Series","CloudEOS","cEOS-lab","vEOS-lab","CloudVision eXchange","virtual or physical appliance"],"product":"EOS","vendor":"Arista Networks","versions":[{"lessThanOrEqual":"4.34.1F","status":"affected","version":"4.34.0","versionType":"custom"},{"lessThanOrEqual":"4.33.4M","status":"affected","version":"4.33.0","versionType":"custom"},{"lessThanOrEqual":"4.32.7M","status":"affected","version":"4.32.0","versionType":"custom"},{"lessThanOrEqual":"4.31.8M","status":"affected","version":"4.31.0","versionType":"custom"},{"lessThanOrEqual":"4.31.0","status":"affected","version":"0","versionType":"custom"}]}],"configurations":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>In order to be vulnerable to CVE-2025-8872, the following condition must be met:</p><p>The OSPFv3 protocol must be configured in either the default or non-default VRF and at least one neighbor must be present</p><pre>switch&gt;show ospfv3\nOSPFv3 address-family ipv6\nRouting Process \"ospfv3\" with ID 192.0.2.0 and Instance 0 VRF default\n  FIPS mode disabled\n  Maximum number of LSAs allowed 0\n    Exceed action disable\n    LSA limit for warning message 
75%\n    Disabled-time 5 minutes, clear timeout 5 minutes\n    Incident count 0, incident count limit 5\n  It is an autonomous system boundary router and is not an area border router\n  Minimum LSA arrival interval 1000 msecs\n  Initial LSA throttle delay 1000 msecs\n  Minimum hold time for LSA throttle 5000 msecs\n  Maximum wait time for LSA throttle 5000 msecs\n  It has 1 fully adjacent neighbors\n  Number of areas in this router is 1. 1 normal, 0 stub, 0 nssa\n  Number of LSAs 8\n  Initial SPF schedule delay 0 msecs\n  Minimum hold time between two consecutive SPFs 5000 msecs\n  Current hold time between two consecutive SPFs 5000 msecs\n  Maximum wait time between two consecutive SPFs 5000 msecs\n  SPF algorithm last executed 00:04:52 ago\n  No scheduled SPF\n  Adjacency exchange-start threshold is 20\n  Maximum number of next-hops supported in ECMP is 128\n  Number of backbone neighbors is 0\n  Graceful-restart is not configured\n  Graceful-restart-helper mode is enabled\n  Area 0.0.0.0\n    Number of interface in this area is 1\n    It is a normal area\n    SPF algorithm executed 6 times\n  \nswitch&gt;show ospfv3 neighbor\nOSPFv3 address-family ipv6\nRouting Process \"ospfv3\" Instance 0 VRF default\nNeighbor 192.0.3.0 VRF default priority is 1, state is Full\n  In area 0.0.0.0 interface Ethernet4\n  Adjacency was established 00:00:49 ago\n  Current state was established 00:00:49 ago\n  DR is 3.3.3.3 BDR is 2.2.2.2\n  Options is E R V6\n  Dead timer is due in 29 seconds\n  Graceful-restart-helper mode is Inactive\n  Graceful-restart attempts: 0\n</pre><div>&nbsp;</div><p>If OSPFv3 is not configured, there is no exposure to this issue and the show command will not produce any output</p><pre>switch&gt;show ospfv3\n \nswitch&gt;show ospfv3 neighbor</pre><br>"}],"value":"In order to be vulnerable to CVE-2025-8872, the following condition must be met:\n\nThe OSPFv3 protocol must be configured in either the default or non-default VRF and at least one neighbor must 
be present\n\nswitch>show ospfv3\nOSPFv3 address-family ipv6\nRouting Process \"ospfv3\" with ID 192.0.2.0 and Instance 0 VRF default\n  FIPS mode disabled\n  Maximum number of LSAs allowed 0\n    Exceed action disable\n    LSA limit for warning message 75%\n    Disabled-time 5 minutes, clear timeout 5 minutes\n    Incident count 0, incident count limit 5\n  It is an autonomous system boundary router and is not an area border router\n  Minimum LSA arrival interval 1000 msecs\n  Initial LSA throttle delay 1000 msecs\n  Minimum hold time for LSA throttle 5000 msecs\n  Maximum wait time for LSA throttle 5000 msecs\n  It has 1 fully adjacent neighbors\n  Number of areas in this router is 1. 1 normal, 0 stub, 0 nssa\n  Number of LSAs 8\n  Initial SPF schedule delay 0 msecs\n  Minimum hold time between two consecutive SPFs 5000 msecs\n  Current hold time between two consecutive SPFs 5000 msecs\n  Maximum wait time between two consecutive SPFs 5000 msecs\n  SPF algorithm last executed 00:04:52 ago\n  No scheduled SPF\n  Adjacency exchange-start threshold is 20\n  Maximum number of next-hops supported in ECMP is 128\n  Number of backbone neighbors is 0\n  Graceful-restart is not configured\n  Graceful-restart-helper mode is enabled\n  Area 0.0.0.0\n    Number of interface in this area is 1\n    It is a normal area\n    SPF algorithm executed 6 times\n  \nswitch>show ospfv3 neighbor\nOSPFv3 address-family ipv6\nRouting Process \"ospfv3\" Instance 0 VRF default\nNeighbor 192.0.3.0 VRF default priority is 1, state is Full\n  In area 0.0.0.0 interface Ethernet4\n  Adjacency was established 00:00:49 ago\n  Current state was established 00:00:49 ago\n  DR is 3.3.3.3 BDR is 2.2.2.2\n  Options is E R V6\n  Dead timer is due in 29 seconds\n  Graceful-restart-helper mode is Inactive\n  Graceful-restart attempts: 0\n\n\n \n\nIf OSPFv3 is not configured, there is no exposure to this issue and the show command will not produce any output\n\nswitch>show ospfv3\n \nswitch>show ospfv3 
neighbor"}],"datePublic":"2025-12-16T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSPFv3 process to have high CPU utilization which may result in the OSPFv3 process being restarted. This may cause disruption in the OSPFv3 routes on the switch.</p><p>This issue was discovered internally by Arista, and Arista is not aware of any malicious uses of this issue in customer networks.</p><br>"}],"value":"On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSPFv3 process to have high CPU utilization which may result in the OSPFv3 process being restarted. This may cause disruption in the OSPFv3 routes on the switch.\n\nThis issue was discovered internally by Arista, and Arista is not aware of any malicious uses of this issue in customer networks."}],"impacts":[{"capecId":"CAPEC-130","descriptions":[{"lang":"en","value":"CAPEC-130 Excessive 
Allocation"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":7.1,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7","shortName":"Arista","dateUpdated":"2025-12-16T19:32:20.528Z"},"references":[{"url":"https://www.arista.com/en/support/advisories-notices/security-advisory/23115-security-advisory-0128"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>The recommended resolution is to upgrade to a remediated software version at your earliest convenience.</p><p>Arista recommends customers move to the latest version of each release that contains all the fixes listed below.</p><p>For more information about upgrading see: <a target=\"_blank\" rel=\"nofollow\" 
href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\">EOS User Manual: Upgrades and Downgrades</a></p><div>CVE-2025-8872 has been fixed in the following releases:</div><ul><li>4.34.2F and later releases in the 4.34.x train</li><li>4.33.5M and later releases in the 4.33.x train</li><li>4.32.8M and later releases in the 4.32.x train</li><li>4.31.9M and later releases in the 4.31.x train</li></ul><br><br>"}],"value":"The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n\nArista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nFor more information about upgrading see:  EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\nCVE-2025-8872 has been fixed in the following releases:\n\n  *  4.34.2F and later releases in the 4.34.x train\n  *  4.33.5M and later releases in the 4.33.x train\n  *  4.32.8M and later releases in the 4.32.x train\n  *  4.31.9M and later releases in the 4.31.x train"}],"source":{"advisory":"128","defect":["BUG1203059"],"discovery":"INTERNAL"},"title":"A specially crafted packet can cause the OSPFv3 process to have high CPU utilization which may result in the OSPFv3 process being restarted","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<span style=\"background-color: rgb(255, 255, 255);\">There is no workaround to mitigate the issue.</span><br>"}],"value":"There is no workaround to mitigate the issue."}],"x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-12-16T19:50:49.156832Z","id":"CVE-2025-8872","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP 
Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-12-16T19:51:10.033Z"}}]}}