vulnerability

security-advisory-0048

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	May 13, 2020	Sep 4, 2024	Jan 14, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

May 13, 2020

Added

Sep 4, 2024

Modified

Jan 14, 2026

Description

This security advisory documents the exposure of Arista's products to a security vulnerability in EOS, for customers who use Telnet in their management plane. The vulnerability is in the telnet server (telnetd) and can lead to arbitrary remote code execution by an attacker without requiring credentials. This is not an Arista specific vulnerability. The exposure in EOS is limited to systems with the telnetd service explicitly enabled (i.e. "management telnet" enabled).

Solution

upgrade-solution-cve-2020-10188

References

CVE-2020-10188
https://attackerkb.com/topics/CVE-2020-10188
URL-https://www.arista.com//en/support/advisories-notices/security-advisory/10702-security-advisory-48

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today