Arista Networks confirmed an EOS vulnerability is under active exploitation—and then dropped the hammer: no patch is planned. Organizations are left choosing between vendor-supplied mitigations and retiring the affected hardware.
This is the scenario every network team dreads. A flaw being exploited in the wild with no code fix on the roadmap forces an uncomfortable either-or: live with the residual risk or rip out and replace gear that might be fine. Arista hasn’t published a full list of affected devices, so if you’re running their switches or routers, a call to your account team is in order.
In the meantime, lock down management interfaces, tighten network segmentation, and treat any device that might be vulnerable as potentially compromised. Watch for unusual traffic patterns and audit administrative access logs carefully.
Source: SecurityWeek
