high
7.5
CWE
1284
Advisory Published
Updated

CVE-2024-9448: On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp

First published: Thu May 08 2025(Updated: )

On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the rule was not in place. This could lead to packets being delivered to unexpected destinations.

Credit: psirt@arista.com

Affected SoftwareAffected VersionHow to fix
Arista EOS

Remedy

The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades CVE-2024-9448 has been fixed in the following releases: * 4.33.1F and later releases in the 4.33.x train * 4.32.4M and later releases in the 4.32.x train * 4.31.6M and later releases in the 4.31.x train * 4.30.9M and later releases in the 4.30.x train

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-9448?

    CVE-2024-9448 has a medium severity rating due to its potential impact on network traffic handling.

  • How do I fix CVE-2024-9448?

    To fix CVE-2024-9448, update your Arista EOS to the latest patched version as recommended in Arista's security advisory.

  • What are the implications of CVE-2024-9448 on network performance?

    CVE-2024-9448 can lead to untagged packets bypassing Traffic Policy rules, potentially affecting the expected traffic management outcomes.

  • Which platforms are impacted by CVE-2024-9448?

    CVE-2024-9448 affects platforms running Arista EOS with Traffic Policies configured.

  • Can CVE-2024-9448 lead to security breaches?

    Yes, CVE-2024-9448 could allow untagged packets to be improperly processed, which may create vulnerabilities in traffic control.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203