A recent cybersecurity report has unveiled a serious vulnerability in Salesforce’s AgentForce, dubbed “ForcedLeak,” highlighting risks from new AI-specific threats. Rated critical with a CVSS score of 9.4, the vulnerability enables indirect prompt injection attacks that exploit expanded attack surfaces of AI agents. Discovered by Noma Labs, ForcedLeak exposes how attackers can manipulate input in Salesforce’s Web-to-Lead forms. When employees query AgentForce about leads, malicious payloads can be executed unknowingly, allowing unauthorized access to sensitive CRM data, including customer contacts and sales strategies. The attack methodology involved exploiting form fields, crafting realistic prompts, and bypassing Salesforce’s Content Security Policy (CSP) through an expired whitelisted domain. Organizations using AgentForce for customer acquisition are at high risk, facing potential data exposure, regulatory issues, and reputational damage. Salesforce responded swiftly, patching the flaw and enhancing security measures. Businesses must remain vigilant against such vulnerabilities in AI-driven systems.
Source link
Share
Read more