CVE-2025-5088
HIGHArista CloudVision Exchange (CVX) Cluster Privilege Escalation via MCS Redis Session
Title source: cnaDescription
An authenticated Redis session could be used to obtain full root access to all servers in the CVX cluster. Note that this would require an attacker to have both network access to the Redis service on a CVX server and the Redis password. Please note that all Redis communication, including authentication, occurs over plaintext in the present day. TLS support is tracked under RFE1294850.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.arista.com/en/support/advisories-notices/security-advisory/22868-security-advisory-0126
Scores
CVSS v3
8.3
EPSS
0.0032
EPSS Percentile
23.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-269
Status
published
Products (5)
Arista Networks/EOS / CloudVision eXchange (CVX)
4.30.0 - 4.31.0
Arista Networks/EOS / CloudVision eXchange (CVX)
4.31.0M - 4.31.8M
Arista Networks/EOS / CloudVision eXchange (CVX)
4.32.0M - 4.32.6M
Arista Networks/EOS / CloudVision eXchange (CVX)
4.33.0M - 4.33.4M
Arista Networks/EOS / CloudVision eXchange (CVX)
4.34.0F - 4.34.1F
Published
Jun 05, 2026
Tracked Since
Jun 05, 2026