CVE-2025-8873EPSS p30.2%

CVE-2025-8873CVE-2025-8873

Description

On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being processed. There is no impact to non-IPsec traffic or to IPsec traffic not originating or terminating on the system. This issue was reported by an Arista customer.

Scoring

CVSS 7.5 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS0.39% probability of exploitation · percentile 30.2% · 2026-06-19T12:03:05Z
Last modified2026-06-05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-2379
CVE
CVE-2024-27891
CVE
Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
CVE
CVE-2023-5502
CVE
CVE-2025-20253
CVE
CVE-2025-20142
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.