Description
On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication.
Published: 2026-06-04
Score: 8.2 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A malicious supplicant can bypass the 802.1x authentication requirement on Arista EOS devices that have 802.1x enabled on access or trunk ports and routing enabled on the access VLAN. The flaw lets the attacker gain network access without completing the 802.1x authentication handshake, undermining the network boundary that port authentication is meant to enforce. The weakness is a classic authentication bypass, classified as CWE-287.

Affected Systems

Arista Networks EOS releases that predate the vendor fixes are affected. The fix is present in 4.32.0F and later releases of the 4.32.x train, 4.31.3M and later of the 4.31.x train, 4.30.5M and later of the 4.30.x train, and 4.29.7M and later of the 4.29.x train, so earlier releases in those trains remain vulnerable. Devices on the 7280E and 7500E platforms are end-of-life and do not have a released version that addresses this issue. The vulnerability affects any configuration where 802.1x authentication is active on access or trunk ports with routing enabled on the associated access VLAN.

Risk and Exploitability

The CVSS score of 8.2 indicates high severity; no EPSS value has been assigned, which suggests that current exploitation evidence is limited. The issue is not listed in CISA's KEV catalog. The likely attack vector requires an attacker to connect to an 802.1x-protected port as a supplicant and leverage the device's routing on the access VLAN. Because the flaw allows traffic to transit the device without proper authentication, the risk to network confidentiality and integrity is substantial, and mitigation should occur promptly.

Generated by OpenCVE AI on June 4, 2026 at 23:50 UTC.

Remediation

Vendor Solution

The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading, see EOS User Manual: Upgrades and Downgrades (https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades).

CVE-2023-5502 has been fixed in the following releases:

  • 4.32.0F and later releases in the 4.32.x train
  • 4.31.3M and later releases in the 4.31.x train
  • 4.30.5M and later releases in the 4.30.x train
  • 4.29.7M and later releases in the 4.29.x train

Note: Products 7280E and 7500E are EOL, and there are no released versions of EOS which fix the issue on those platforms.


Vendor Workaround

Mitigation of this vulnerability requires disabling dot1x. Dot1x can be disabled globally using the following command:

`no dot1x system-auth-control`


OpenCVE Recommended Actions

  • Upgrade the device to a patched EOS release (4.32.0F or later, 4.31.3M or later, 4.30.5M or later, or 4.29.7M or later) to eliminate the vulnerability.
  • If an upgrade is not immediately possible, disable 802.1x globally with the command `no dot1x system-auth-control` so that the flaw cannot be exploited.
  • On end-of-life platforms (7280E/7500E) that cannot be upgraded, plan for hardware replacement with a supported model that continues to receive security updates.
  • If the device cannot be patched, or the exposed surface cannot otherwise be reduced, review and remove 802.1x authentication from any access or trunk ports that require routing on the access VLAN.


Advisories

No advisories yet.

History

Thu, 04 Jun 2026 22:45:00 +0000

Values added in this entry (no values removed):

  • Description: On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication.
  • Title: On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication.
  • Weaknesses: CWE-287
  • References: none listed
  • Metrics: cvssV3_1 {'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N'}; cvssV4_0 {'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: Arista

Published:

Updated: 2026-06-04T22:39:34.101Z

Reserved: 2023-10-10T15:58:04.589Z

Link: CVE-2023-5502

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-06-04T23:16:47.210

Modified: 2026-06-04T23:16:47.210

Link: CVE-2023-5502

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-05T00:00:08Z

Weaknesses