CVE Vulnerability Details: CVE-2025-62348
Status: PUBLISHED
Assigner: vmware
Assigner Org ID: dcf2e128-44bd-42ed-91e8-88f912c1401d
Published At: 30 Jan, 2026 | 18:57
Updated At: 31 Jan, 2026 | 04:56
CVE Numbering Authority (CNA)
Salt junos module uses an unsafe YAML loader which may allow unintended code execution

Salt's junos execution module used an unsafe YAML loader to decode YAML input. A specially crafted YAML payload processed by the junos module could lead to unintended code execution in the context of the Salt process.

Affected Products
Vendor: Salt Project
Product: Salt
Collection URL: https://saltproject.io/
Package Name: salt
Default Status: unaffected
Versions Affected:
  • From 3006.0 before 3006.17 (semver)
  • From 3007.0 before 3007.9 (semver)
Problem Types
Type: CWE
CWE ID: CWE-94
Description: CWE-94 Improper Control of Generation of Code ('Code Injection')
Metrics
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 7.3
Base severity: HIGH
Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Solutions

Upgrade Salt to a release that includes the Junos module YAML loader fix (e.g., Salt 3006.17 or later for the 3006 LTS line). For distro-packaged builds, install the vendor-provided fixed package version (for example Alpine salt-lts 3006.17-r0 or higher).

Workarounds

If upgrading immediately is not possible, reduce exposure by restricting which users/automation can invoke junos execution module functions and by limiting access to any YAML inputs used by the junos module. Prefer trusted sources only for YAML content.

Credits

Reporter: Amr Kadry
References
Hyperlink: https://docs.saltproject.io/en/latest/topics/releases/3006.17.html
Resource: release-notes, vendor-advisory
Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Details not found