CVE-2025-0505 – “Arista CloudVision Zero Touch Provisioning Privilege Escalation”

May 8, 2025

CVE ID : CVE-2025-0505

Published : May 8, 2025, 7:16 p.m. | 56 minutes ago

Description : On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state for devices under management. Note that CloudVision as-a-Service is not affected.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-8100 – Arista CloudVision Portal – Token Privilege Escalation

Next Article CVE-2024-11186 – Arista CloudVision Portal Elevated Privilege Access Vulnerability

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-0505 – “Arista CloudVision Zero Touch Provisioning Privilege Escalation”

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

CVE-2025-0966 – IBM InfoSphere Information Server SQL Injection Vulnerability

CVE-2025-4468 – SourceCodester Online Student Clearance System File Upload Vulnerability

CVE-2025-27558 – Wi-Fi Protected Access (WPA, WPA2, WPA3) and Wired Equivalent Privacy (WEP) Mesh Network FragAttacks

From Commit to Production: Hands-On GitOps Promotion with GitHub Actions, Argo CD, Helm, and Kargo

10 Best Free and Open Source Linux Document Processors

How to Write Documentation That Increases Sign-ups

Laravel Eloquent: 8 Tools to Debug Slow SQL Queries

CVE-2025-28169 – BYD QIN PLUS DM-i Dilink OS Unencrypted Broadcast Vulnerability

Are you playing DOOM: The Dark Ages when it launches? — Weekend discussion 💬

CVE-2025-0505 – “Arista CloudVision Zero Touch Provisioning Privilege Escalation”

Related Posts