CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

https://thehackernews.com/2026/06/cisa-adds-cisco-chrome-and-arista-flaws.html

Publish Date: 2026-06-10 10:44:00

Source Domain: thehackernews.com

Ravie Lakshmanan, Jun 10, 2026, Vulnerability / Network Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation.

The list of vulnerabilities is as follows –

  • CVE-2026-20245 (CVSS score: 7.8) – An improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager that could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.
  • CVE-2026-11645 (CVSS score: 8.8) – An out-of-bounds read and write vulnerability in Google Chrome V8 that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
  • CVE-2026-7473 (CVSS score: 6.9) – An incomplete comparison with missing factors vulnerability in Arista Extensible Operating System (EOS) that could be exploited to process non-configured tunnel traffic.

No Patch Planned for Exploited Arista EOS Flaw

“On affected platforms running Arista EOS where a tunnel decapsulation configuration – such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface – is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packets with a destination IP matching its configured decapsulation IP,” Arista said.

“This occurs because the switch does not verify the tunnel protocol type, potentially leading to the unexpected processing of non-configured tunnel traffic.”

The security defect mainly impacts 7020R, 7280R/R2, and 7500R/R2 series products. However, for successful exploitation to occur, the device must be configured as a tunnel endpoint with a decapsulation IP, such as a VXLAN VTEP, a GRE tunnel endpoint, or with an IP decap-group.
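To make the missing check concrete, here is a simplified Python model, added for this write-up and not code from the article or from Arista, of a decapsulation decision that keys only on the destination IP beside one that also requires the encapsulation to match the type configured for that endpoint. The endpoint addresses, the decap configuration, the packet-building helpers and all function names are constructed for the example; the second function can also serve as a monitoring rule over mirrored traffic, since a packet the first accepts and the second rejects is exactly the "unexpected tunneled traffic" the advisory describes.

```python
import ipaddress
import struct

GRE_PROTO = 47      # IP protocol number for GRE
UDP_PROTO = 17
VXLAN_PORT = 4789   # IANA-assigned UDP port for VXLAN

# Hypothetical decapsulation configuration: local endpoint IP -> tunnel type
DECAP_CONFIG = {"192.0.2.1": "vxlan", "192.0.2.2": "gre"}

def classify_encap(pkt):
    """Return (dst_ip, encap) for a raw IPv4 packet: encap is 'gre', 'vxlan'
    or a label for any other encapsulation; None if the packet is not IPv4."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    proto, dst = pkt[9], str(ipaddress.IPv4Address(pkt[16:20]))
    if proto == GRE_PROTO:
        return dst, "gre"
    if proto == UDP_PROTO and len(pkt) >= ihl + 8:
        dport = struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]
        return dst, "vxlan" if dport == VXLAN_PORT else "udp-%d" % dport
    return dst, "ipproto-%d" % proto

def should_decap_vulnerable(pkt, config=DECAP_CONFIG):
    """Simplified model of the behaviour the advisory describes: accept any
    packet addressed to a configured decap IP without checking tunnel type."""
    res = classify_encap(pkt)
    return res is not None and res[0] in config

def should_decap_fixed(pkt, config=DECAP_CONFIG):
    """Accept only when the encapsulation matches the type configured for
    that endpoint IP. Over mirrored traffic, a packet passing the vulnerable
    check but failing this one is unexpected tunneled traffic to the decap IP."""
    res = classify_encap(pkt)
    return res is not None and config.get(res[0]) == res[1]

def ipv4(src, dst, proto, payload):
    """Constructed test helper: minimal IPv4 header, checksum left zero."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr + payload

def udp(sport, dport, data):
    """Constructed test helper: UDP header with zero checksum."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data
```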

The network equipment company acknowledged that the vulnerability has been “reported as being exploited in the wild,” crediting…