CVE-2024-4578

Privilege escalation in Arista Wireless Access Points

Description

This advisory describes an issue that impacts Arista Wireless Access Points. Any entity able to authenticate via SSH to an affected AP as the “config” user can escalate privileges by spawning a bash shell. The SSH CLI session does not require high permissions to exploit this vulnerability, but the config password is required to establish the session. The spawned shell is able to obtain root privileges.

Remediation

Solution:

  • Arista recommends customers move to the latest version of each release that contains all the fixes listed below. CVE-2024-4578 has been fixed in the 13.x and 16.x release trains, as follows:
    • 13.0.2-28-vv1101 and later releases in the 13.0.2.x train
    • 16.1.0-51-vv703 and later releases in the 16.1.0.x train
  • For more information about upgrading WiFi AP software, see Upgrade Server (https://wifihelp.arista.com/post/upgrade-server) and Upgrading Firmware of Wi-Fi Access Points with On-Premises Wireless Manager (https://wifihelp.arista.com/post/upgrading-firmware-of-wifi-access-points-with-on-premises-wireless-manager).

Workaround:

  • To mitigate the attack, configure a strong config shell password and share the password only with admin and/or trusted parties.
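The fixed versions above are most useful when checked against an AP inventory. The following is an added example, not code from Arista or from this advisory: it classifies an AP's reported firmware version as fixed, vulnerable or unknown for CVE-2024-4578. It assumes the version layout is major.minor.patch-build-vvNNN and that, within a train, a higher build number means a later release; both are assumptions, not facts stated in the advisory.

```python
import re

# Fixed versions from the advisory, keyed by release train (major.minor.patch).
FIXED_VERSIONS = {
    "13.0.2": "13.0.2-28-vv1101",
    "16.1.0": "16.1.0-51-vv703",
}

# Assumed layout of an Arista AP version string: major.minor.patch-build-vvNNN.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)-vv(\d+)$")


def parse_version(text):
    """Split a version string into a tuple of ints that orders correctly.

    Assumption (not stated in the advisory): within a train, a later release
    has a higher build number, and the vv suffix only breaks ties.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised AP version string: {text!r}")
    return tuple(int(g) for g in m.groups())


def train_of(text):
    """Return the major.minor.patch train a version belongs to."""
    major, minor, patch, _build, _vv = parse_version(text)
    return f"{major}.{minor}.{patch}"


def cve_2024_4578_status(version):
    """Return 'fixed', 'vulnerable' or 'unknown' for one AP's reported version.

    'unknown' means the train is not one of the two the advisory lists, so
    the advisory alone cannot say whether the fix is present.
    """
    fixed = FIXED_VERSIONS.get(train_of(version))
    if fixed is None:
        return "unknown"
    return "fixed" if parse_version(version) >= parse_version(fixed) else "vulnerable"


if __name__ == "__main__":
    # Constructed sample inventory; these are not real devices.
    sample = {"ap-lobby": "13.0.2-27-vv1098", "ap-lab": "13.0.2-28-vv1101",
              "ap-dc": "16.1.0-50-vv703", "ap-legacy": "12.0.1-5-vv500"}
    for name, ver in sample.items():
        print(f"{name} ({ver}): {cve_2024_4578_status(ver)}")
```

APs reported as unknown sit on a train the advisory does not list, so treat them as needing manual confirmation with the vendor rather than as safe.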

Scoring

CVSS 3.1 base score: 8.4 (Severity: High)
EPSS: 0.24%
Affected: Arista Networks Arista Wireless Access Points

Frequently Asked Questions

What is the severity of CVE-2024-4578?
CVE-2024-4578 has been scored as a high severity vulnerability.
How to fix CVE-2024-4578?
To fix CVE-2024-4578, upgrade to 13.0.2-28-vv1101 or later in the 13.0.2.x train, or to 16.1.0-51-vv703 or later in the 16.1.0.x train; see the Remediation section above for Arista's upgrade documentation.
Is CVE-2024-4578 being actively exploited in the wild?
As of now, there is no information confirming that CVE-2024-4578 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-4578?
CVE-2024-4578 affects Arista Networks Arista Wireless Access Points.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.