A critical CVSS 9.4 vulnerability, known as “ForcedLeak,” was discovered in Salesforce’s Agentforce AI platform, enabling indirect prompt injection via Web-to-Lead forms. Cybersecurity researchers from Noma Labs revealed that this flaw could result in serious customer data exfiltration. The vulnerability affects the Web-to-Lead feature, which captures prospect information through forms, allowing attackers to insert malicious instructions into seemingly harmless submissions. When queried later, Agentforce unintentionally executes these commands due to its complex functionalities. Key security weaknesses include context validation failures, overly permissive behavior, and the exploitation of an expired whitelisted domain. Salesforce responded by investigating and issuing patches within months, emphasizing the necessity for robust input validation and strict URL enforcement. Organizations using Agentforce must adopt AI-centric security frameworks to mitigate risks as AI’s role in business increases. This incident highlights new security challenges posed by autonomous AI systems in enterprise environments.
Source link
Share
Read more