Threat Advisory

Salt Junos Module Vulnerability Enables Code Injection

Threat: Vulnerability
Threat Actor Name: -
Threat Actor Type: -
Targeted Region: Global
Alias: -
Threat Actor Region: -
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

The vulnerability identified as CVE-2025-62348 impacts the junos execution module in a configuration management package where unsafe YAML decoding is used, allowing specially crafted YAML payloads to be processed insecurely. This flaw can result in unintended code execution within the context of the running process, creating a serious security concern for affected environments. The issue affects versions earlier than 3006.17 and carries a CVSS score of 7.3, reflecting its high severity due to the potential for arbitrary code execution with service-level privileges. The vulnerability has been resolved in version 3006.17 by correcting the unsafe YAML load behavior to prevent exploitation through malicious payloads.

RECOMMENDATION:

We strongly recommend updating the Salt junos execution module to version 3006.17.
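To look for the same class of flaw in custom modules or other Python code, the following added example (not code from this advisory or from the Salt project) walks a source file's syntax tree and reports YAML decode calls that do not use a safe loader. It assumes the code under review uses PyYAML imported as `yaml`; the advisory does not state which call the junos module used, and `find_unsafe_yaml_calls` and `SAMPLE` are names constructed for this illustration.

```python
import ast

# PyYAML API names. Which call Salt's junos module used is not stated in the advisory.
UNSAFE_FUNCS = {"unsafe_load", "unsafe_load_all", "full_load", "full_load_all"}
LOAD_FUNCS = {"load", "load_all"}
SAFE_LOADERS = {"SafeLoader", "CSafeLoader", "BaseLoader", "CBaseLoader"}

def _name(node):
    # Trailing identifier of yaml.SafeLoader (Attribute) or SafeLoader (Name).
    return getattr(node, "attr", None) or getattr(node, "id", None)

def find_unsafe_yaml_calls(source, module_aliases=("yaml",)):
    """Return sorted [(lineno, reason)] for YAML decode calls lacking a safe loader."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        f = node.func if isinstance(node, ast.Call) else None
        if not (isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name)
                and f.value.id in module_aliases):
            continue
        if f.attr in UNSAFE_FUNCS:
            findings.append((node.lineno, f"yaml.{f.attr} is not safe for untrusted input"))
        elif f.attr in LOAD_FUNCS:
            loader = node.args[1] if len(node.args) > 1 else None  # positional Loader
            for kw in node.keywords:
                if kw.arg == "Loader":
                    loader = kw.value
            if loader is None:
                findings.append((node.lineno, f"yaml.{f.attr} without an explicit Loader"))
            elif _name(loader) not in SAFE_LOADERS:
                findings.append((node.lineno, f"yaml.{f.attr} with Loader={_name(loader)}"))
    return sorted(findings)

# Constructed sample source for the demonstration, not taken from Salt.
SAMPLE = '''\
import yaml
a = yaml.load(text, Loader=yaml.Loader)
b = yaml.safe_load(text)
c = yaml.load(text, Loader=yaml.SafeLoader)
d = yaml.unsafe_load(text)
e = yaml.load(text)
'''

if __name__ == "__main__":
    for lineno, reason in find_unsafe_yaml_calls(SAMPLE):
        print(f"line {lineno}: {reason}")
```

Pass `module_aliases` when the code imports PyYAML under another name; calls reached through a wrapper function are not resolved by this check.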

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-77w2-v593-vxvv
