CVE-2025-22241

CWE-22Path TraversalCWE-735 documents4 sources
Severity
5.6MEDIUM
EPSS
0.1%
top 65.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Vmware Salt
Timeline
PublishedJun 13

Description

File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location and is present in the default configuration.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:NExploitability: 0.3 | Impact: 5.2

Affected Packages2 packages

PyPIsalt3007.0rc13007.4+1
CVEListV5vmware/salt3006.x3006.12+1

🔴Vulnerability Details

4
OSV
Salt's file contents overwrite the VirtKey class2025-06-13
CVEList
CVE-2025-22241 salt advisory2025-06-13
OSV
CVE-2025-22241: File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki2025-06-13
GHSA
Salt's file contents overwrite the VirtKey class2025-06-13
CVE-2025-22241 (MEDIUM CVSS 5.6) | File contents overwrite the VirtKey | cvebase.io