Critical "ForcedLeak" Vulnerability Disclosed in Salesforce AgentForce

Researchers detailed a flaw allowing CRM data theft via indirect prompt injection, highlighting new security risks from autonomous AI agents.

Olivia Sharp

A critical vulnerability named "ForcedLeak" has been detailed, showing how attackers could steal CRM data from Salesforce's AgentForce AI platform using indirect prompt injection.

Vulnerability Details

On Sep 25, 2025, security researchers from Noma Security publicly detailed a critical vulnerability chain in Salesforce's AgentForce AI platform. The flaw, named "ForcedLeak," was assigned a CVSS severity score of 9.4 out of 10. It enabled an attacker to exfiltrate sensitive customer relationship management (CRM) data, such as contact information and sales pipeline details.

The attack used a sophisticated technique known as indirect prompt injection. Malicious instructions were embedded within a standard Salesforce "Web-to-Lead" form and then stored in the company's CRM database.

A New Attack Paradigm

The vulnerability highlighted the unique risks posed …
