vulnerability
security-advisory-0076
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Apr 26, 2022 | Sep 4, 2024 | Jan 14, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Apr 26, 2022
Added
Sep 4, 2024
Modified
Jan 14, 2026
Description
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable. The impact of this issue is that a remote attacker can make the PTP service unavailable. If this happens, the switch will fail to provide PTP time synchronization services to the devices downstream, leading to the degrading of the time maintained by the downstream devices. This issue was discovered by a customer and Arista is not aware of any malicious uses of this issue in customer networks.
Solution
upgrade-solution-cve-2021-28510
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.