| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-54549 | Cryptographic validation of upgrade images could be circumventing by dropping a specifically crafted file into the upgrade ISO | Arista Networks | DANZ Monitoring Fabric | Medium | 5.9 | 2025-10-29 22:55:54 | Deep Dive |
| CVE-2025-54548 | On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes) | Arista Networks | DANZ Monitoring Fabric | Medium | 4.3 | 2025-10-29 22:52:54 | Deep Dive |
| CVE-2025-54547 | On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions (e.g, scp, sftp) multiplexed onto the same channel could perform file-system operations after a configured session timeout expired | Arista Networks | DANZ Monitoring Fabric | Medium | 5.3 | 2025-10-29 22:45:53 | Deep Dive |
| CVE-2025-54546 | On affected platforms, restricted users could use SSH port forwarding to access host-internal services | Arista Networks | DANZ Monitoring Fabric | High | 7.5 | 2025-10-29 22:40:58 | Deep Dive |
| CVE-2025-54545 | On affected platforms, a restricted user could break out of the CLI sandbox to the system shell and elevate their privileges. | Arista Networks | DANZ Monitoring Fabric | High | 7.8 | 2025-10-29 22:36:24 | Deep Dive |