Incorrect default permissions in Arista Extensible Operating System (EOS) - CVE-2026-52895
Published: June 24, 2026
Arista Extensible Operating System (EOS)
Detailed vulnerability description
The vulnerability allows a local user to view and alter user credentials.
The vulnerability exists due to incorrect default permissions in the device when handling credential data for logged-in users. A local user can access and modify credential data to view and alter user credentials.
Exploitation is limited to users logged into the device.