Improper privilege management in Arista Extensible Operating System (EOS) - CVE-2026-52897
Published: June 24, 2026
Arista Extensible Operating System (EOS)
Detailed vulnerability description
The vulnerability allows a local user to perform unauthorized operations.
The vulnerability exists due to improper privilege management in user privilege handling on the device when authenticated users access the system. A local user can obtain privilege levels that exceed intended restrictions to perform unauthorized operations.
The agent must be configured to stream to CloudVision for exploitation.