CVE-2021-28510

Public Exploit

Description

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

Remediation

Solution:

  • The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. CVE-2021-28510 has been fixed in the following releases:
      • 4.27.2 and later releases in the 4.27.x train
      • 4.26.5 and later releases in the 4.26.x train
      • 4.25.7 and later releases in the 4.25.x train
      • 4.24.9 and later releases in the 4.24.x train
      • 4.23.11 and later releases in the 4.23.x train
  • Hotfix: The following hotfix can be applied to remediate CVE-2021-28510.
      • Note: Installing/uninstalling the SWIX will cause the PTP agent to restart.
      • Version: 1.0
      • URL: SecurityAdvisory76_CVE-2021-28510_Hotfix.swix
      • SWIX hash (SHA-512): 2b78b8274b7c73083775b0327e13819c655db07e22b80038bb3843002c679a798b53a4638c549a86183e01a835377bf262d27e60020a39516a5d215e2fadb437
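
The fixed-release list above can be turned into a fleet check. This is an added example, not code from Arista or from this page's source: the host names, the inventory and the status labels are constructed, trains the list does not name are reported as unlisted rather than guessed, and an installed hotfix is not taken into account.

```python
import re

# Minimum fixed patch level per release train, taken from the list above.
FIXED = {(4, 27): 2, (4, 26): 5, (4, 25): 7, (4, 24): 9, (4, 23): 11}

# EOS version strings carry a trailing letter (e.g. "4.26.4M"); only the
# first three numeric fields are needed to place a release in its train.
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def classify(version: str) -> str:
    """Return 'fixed', 'below-fix', 'unlisted-train' or 'unparsed'."""
    m = _VERSION.match(version.strip())
    if not m:
        return "unparsed"
    major, minor, patch = (int(g) for g in m.groups())
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        # The page gives no fixed release for this train: do not guess.
        return "unlisted-train"
    # Compare as integers: as strings, "9" would sort after "11".
    return "fixed" if patch >= fixed_patch else "below-fix"


def needs_action(inventory: dict) -> list:
    """Return sorted (host, status) pairs for every host not on a fixed release."""
    return sorted(
        (host, status)
        for host, version in inventory.items()
        if (status := classify(version)) != "fixed"
    )


# Constructed sample inventory: host name -> reported EOS version.
SAMPLE_INVENTORY = {
    "leaf1": "4.26.4M",
    "leaf2": "4.27.2F",
    "spine1": "4.23.9M",
    "spine2": "4.28.0F",
    "edge1": "n/a",
}

if __name__ == "__main__":
    for host, status in needs_action(SAMPLE_INVENTORY):
        print(f"{host}: {status}")
```

Hosts reported as below-fix are candidates for the upgrade or the hotfix; the ACL workaround still applies to any host that has to keep running PTP in the meantime.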

Workaround:

  • Install ACL rules to drop PTP packets from untrusted sources. Best practice is to block access to untrusted (non-management) networks.

CVSS 3.1: 5.3
Severity: Medium
EPSS: 0.22%
Vendor Advisory: arista.com
Affected: Arista Networks EOS

Frequently Asked Questions

What is the severity of CVE-2021-28510?
CVE-2021-28510 has been scored as a medium severity vulnerability.
How to fix CVE-2021-28510?
To fix CVE-2021-28510: The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. CVE-2021-28510 has been fixed in the following releases:
  • 4.27.2 and later releases in the 4.27.x train
  • 4.26.5 and later releases in the 4.26.x train
  • 4.25.7 and later releases in the 4.25.x train
  • 4.24.9 and later releases in the 4.24.x train
  • 4.23.11 and later releases in the 4.23.x train
Is CVE-2021-28510 being actively exploited in the wild?
It is possible that CVE-2021-28510 is being exploited or will be exploited in the near future, based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-28510?
CVE-2021-28510 affects Arista Networks EOS.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.