The vulnerability affects Arista EOS, the operating system underpinning a wide range of Arista network switches deployed in data centers and enterprise edge environments. CISA's classification as known-exploited means active exploitation is confirmed in the wild, not merely theoretical. Arista customers should cross-reference the affected EOS versions in Arista's security advisory and prioritize patching or mitigating before the June 23 deadline. Given how often Arista gear sits at critical network chokepoints, exposure here is worth treating as high-priority even outside the federal compliance perimeter.