CVE-2024-47520
Published: 10 January 2025
Summary
CVE-2024-47520 is a high-severity Improper Isolation or Compartmentalization (CWE-653) vulnerability in Arista NG Firewall. Its CVSS base score is 7.6 (High).
Operationally, its exploit likelihood ranks at the 30.7th percentile (below the median), and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-24 (Access Control Decisions).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): enforces approved authorizations for logical access, directly preventing users from performing unauthorized actions despite holding advanced report access rights.
- AC-6 (Least Privilege): limits users to only the permissions they need, reducing the range of unauthorized actions reachable through the authorization flaw.
- AC-24 (Access Control Decisions): ensures access control decisions are properly defined and reviewed, addressing the flawed authorization logic that allows report users to perform unintended actions.
NVD Description
A user with advanced report application access rights can perform actions for which they are not authorized
Deeper analysis
CVE-2024-47520 is an authorization vulnerability (CWE-653) affecting Arista software, in which a user with advanced report application access rights can perform actions for which they are not authorized. It has a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L), indicating high severity because of its significant impact on confidentiality and integrity.
The vulnerability can be exploited over the network by a low-privileged, authenticated attacker with low attack complexity, though it requires user interaction. Successful exploitation yields high confidentiality and integrity impact and low availability impact, allowing actions beyond the user's intended permissions within the affected report application.
Arista's security advisory (https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105) provides details on patches and mitigations; security practitioners should consult it for specific remediation steps, such as applying updates to the vulnerable components.
Details
- CWE(s): CWE-653 (Improper Isolation or Compartmentalization)