CVE-2025-5090 in EOSinfo

Summary

by MITRE • 06/05/2026

CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service (DoS) scenario. Note that this would require the attacker to have a high privilege access to the connected switch to be able to send custom TCP packets to the CVX.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

Arista

Reservation

05/22/2025

Disclosure

06/05/2026

Moderation

accepted

Entry

VDB-368946

CPE

ready

CWE

CWE-404 (confirmed)

CVSS

6.5 (CNA)

EPSS

0.00044

KEV

Activities

low

Sector

Transportation, Pharma, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-5090
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-5090
CVE Details	https://www.cvedetails.com/cve/CVE-2025-5090/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!