From thehackernews.com
![saltstack remote code execution vulnerability](https://thehackernews.com/images/-ydy9Fzk0nqU/XqwePD5OqUI/AAAAAAAAASk/uWabw7-xCao9P2D4zR41IqwAZjzcMPYywCLcBGAsYHQ/s728-e100/saltstack-remote-code-execution-vulnerability.jpg)
Two severe security flaws have been discovered in the open-source SaltStack Sat configuration framework that could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments.
The vulnerabilities were identified by F-Secure researchers earlier this March and disclosed on Thursday, a day after SaltStack released a patch (version 3000.2) addressing the issues, rated with CVSS score 10.