CVE-2026-25623 PUBLISHED

Arista Edge Threat Management NGFW UI Arbitrary Command Execution

Assigner: Arista
Reserved: 03.02.2026
Published: 05.06.2026
Updated: 05.06.2026

An input validation flaw in the web management interface of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) allows OS command execution. An authenticated administrator can exploit it to execute shell commands on the underlying system with the privileges of the management process.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/S:P
CVSS Score: 7

Product Status

Vendor Arista Networks
Product Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)
Versions Default: unaffected
  • affected from 0 through 17.4.0 (inclusive)

Affected Configurations

A successful attack requires authenticated, high-privileged (administrator) access to the NGFW web management interface.

Workarounds

Following operational security best practice, restrict access to the web management interface to authorized administrators only.

Solutions

The recommended resolution is to upgrade to NGFW Version 17.4.1 at your earliest convenience.

Credits

  • Jon Williams and Ronan Kervella of Bishop Fox (finder)

References

Problem Types

  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Impacts

  • CAPEC-88: OS Command Injection