Vulnerability Database

309,469

Total vulnerabilities in the database

CVE-2025-0505

On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state for devices under management. Note that CloudVision as-a-Service is not affected.

Published: May 8, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-0505
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 10
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

CWEs:

CWE-269

Affected Software
References

No affected software listed.

https://www.arista.com/en/support/advisories-notices/security-advisory/21315-security-advisory-0115

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo