Salt Minion

by SaltStack, Incv3008.1

Last updated Jun 12, 2026

Software to automate the management and configuration of infrastructure and applications at scale.

Install with winget

$ winget install --id SaltStack.SaltMinion --exact --version 3008.1

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Salt Minion

Salt Minion uses EXE (NSIS). The silent install switches are /S.

One-line silent install (x64, machine scope)

Salt-Minion-3008.1-Py3-AMD64-Setup.exe /S

See the full silent install reference for Salt Minion →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

Salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Installers · v3008.1

Architecture	Type	Scope	Install	Download
x86	EXE NSIS	machine		Direct
x64	EXE NSIS	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

critical9.6Patched in wingetCVE-2024-38824affects before 3006.12, 3007.4Jun 12, 2025
Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.
Vendor advisory
medium4.2Patched in wingetCVE-2023-20898affects before 3005.2, 3006.2Sep 5, 2023
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data d...
Vendor advisory
medium5.3Patched in wingetCVE-2023-20897affects before 3005.2, 3006.2Sep 5, 2023
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
Vendor advisory
critical9.8Patched in wingetCVE-2021-33226affects <=3003Feb 17, 2023
Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. NOTE: this is disputed by third parties because an attacker cannot influence the eval input
Vendor advisory
high8.8Patched in wingetCVE-2022-22967affects before 3002.9, 3003.5, 3004.2Jun 23, 2022
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell ac...
Vendor advisory
high8.8Patched in wingetCVE-2022-22941affects before 3002.8, 3003.4, 3004.1Mar 29, 2022
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no val...
high8.8Patched in wingetCVE-2022-22936affects before 3002.8, 3003.4, 3004.1Mar 29, 2022
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be...
low3.7Patched in wingetCVE-2022-22935affects before 3002.8, 3003.4, 3004.1Mar 29, 2022
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.

Showing 8 of 25. Source: NVD, updated 6h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

C
cv4pve-botgramCorsinvest Srl
Corsinvest.cv4pve.botgramv1.9.0
Telegram Bot for Proxmox VE management
LinearLinear Orbit, Inc.
LinearOrbit.Linearv1.28.13
A purpose-built tool for planning and building products
EasyTidyEasyTidy
EasyTidy.EasyTidyv1.3.7.614
A simple file auto-classification tool that makes it easy to create automatic workflows with files.
Visual ParadigmVisual Paradigm International Ltd.
VisualParadigm.VisualParadigmv18.0
A suite of design, analysis and management tools to drive your IT project development and digital transformation.
NTLiteNlitesoft d.o.o.
Nlitesoft.NTLitev2026.5.11090.0
Local control for updating and editing Windows images and deployments.
MotionNexusbird, Inc.
Nexusbird.Motionv0.117.0
Create Hundreds of AI Employees Inside Motion's Work Management Platform

More from SaltStack, Inc or browse management, minion, saltstack.

Frequently asked questions

How do I install Salt Minion on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id SaltStack.SaltMinion --exact --version 3008.1. winget downloads the installer from SaltStack, Inc and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Salt Minion silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id SaltStack.SaltMinion --exact 3008.1 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Salt Minion?

Salt Minion uses EXE (NSIS). Run the downloaded installer with: Salt-Minion-3008.1-Py3-AMD64-Setup.exe /S. The silent switches are /S.

How do I uninstall Salt Minion via winget?

Run: winget uninstall --id SaltStack.SaltMinion --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Salt Minion's Apps & Features entry.

Is Salt Minion free?

Salt Minion is distributed under Apache-2.0. Refer to the publisher (https://saltproject.io/) for the full license terms - Wingetly itself does not charge for installation.

Does Salt Minion work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Salt Minion directly from the publisher.

How do I keep Salt Minion up to date?

Run winget upgrade --id SaltStack.SaltMinion --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of Salt Minion from microsoft/winget-pkgs.

Recent versions

3008.1latest
3008.0
3007.14
3007.13
3007.12
3007.11
3007.9
3007.8
3007.7
3007.6