CVE-2024-27892

Vulnerability

Arista EOS versions 4.31.2F and below in the 4.31.x train, 4.30.5M and below in the 4.30.x train, 4.29.7M and below in the 4.29.x train, 4.28.10M and below in the 4.28.x train, 4.27.8M and below in the 4.27.x train, 4.26.9M and below in the 4.26.x train, 4.25.10M and below in the 4.25.x train, and 4.24.11M and below in the 4.24.x train are affected when OpenConfig is configured. A gNMI Set request can be executed when it should have been rejected, leading to unintended configuration application [1].

Exploitation

An attacker with network access and low privileges can send a gNMI Set request to an affected Arista EOS device. The system incorrectly accepts this request, which should have been rejected, allowing the attacker to apply unexpected configurations [1].

Impact

Successful exploitation allows an attacker to apply unexpected configurations to the switch, potentially leading to a denial of service or unauthorized changes to the network infrastructure. The impact includes integrity and availability concerns on the affected device [1].

Mitigation

Arista has released updated EOS versions that address this vulnerability. Specific hotfix releases are available for various trains, with the latest advisory revision detailing applicable versions as of July 25, 2024 [1]. Arista is not aware of any malicious uses of this issue in customer networks.