PT-2024-31764 · Arista · Arista Wireless Access Points

David Miller · Published 2024-06-27 · Updated 2024-06-27 · CVE-2024-4578

CVSS v3.1: 8.4 (High)

Vector: AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Arista Wireless Access Points (affected versions not specified)
Description: The issue allows an entity that can authenticate via SSH to an affected Arista Wireless Access Point as the config user to escalate privileges by spawning a bash shell. The SSH CLI session does not require high permissions to exploit this issue, but the config password is required to establish the session. The spawned shell can obtain root privileges.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2024-4578

Affected Products

Arista Wireless Access Points