CVE-2025-62348
Unsafe YAML Deserialization in Salt Junos Module Enables Code Execution
Publication date: 2026-01-30
Last updated on: 2026-01-30
Assigner: VMware
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| saltproject | salt | 3006.17 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in Salt's junos execution module involves unsafe usage of YAML decode/load functions. A specially crafted YAML payload processed by this module could lead to unintended code execution within the Salt process context, potentially allowing an attacker to execute arbitrary code. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to execute arbitrary code on the system running the Salt process, which could lead to unauthorized actions, data compromise, or system control under the privileges of the Salt process. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate the CVE-2025-62348 vulnerability, you should update Salt to version 3006.17 or later, as this release contains the fix that corrects the unsafe YAML loading in the junos execution module. Applying this update will prevent potential exploitation of the vulnerability. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.