Platform
javascript
Component
forceworkbench
Fixed in
65.0.1
CVE-2026-35178 describes a Remote Code Execution (RCE) vulnerability discovered in Salesforce Workbench. This vulnerability arises from the insecure handling of attacker-controlled cookie values during timezone conversion, potentially allowing unauthorized code execution within the Workbench environment. The vulnerability affects versions prior to 65.0.0 and has been resolved in version 65.0.0.
Successful exploitation of CVE-2026-35178 could grant an attacker complete control over the system running Salesforce Workbench. This could involve data exfiltration, modification of Salesforce data, installation of malicious software, or even pivoting to other systems within the network. The blast radius extends to any sensitive data stored within the Salesforce organization managed by Workbench, and the attacker could potentially compromise the entire Salesforce instance. This vulnerability highlights the importance of secure cookie handling and input validation in web applications, particularly those interacting with sensitive data.
CVE-2026-35178 was publicly disclosed on 2026-04-06. There are currently no publicly available proof-of-concept exploits. The vulnerability's impact is significant due to the potential for remote code execution, but the lack of public exploits suggests a low to medium probability of exploitation at present. Monitor security advisories and threat intelligence feeds for any updates.
Organizations utilizing Salesforce Workbench for administrative or development tasks, particularly those with custom integrations or extensions, are at risk. Environments where Workbench is exposed to untrusted networks or users are especially vulnerable. Legacy Workbench configurations with weak access controls should be prioritized for remediation.
disclosure
Exploit status
EPSS
0.67% (71st percentile)
CISA SSVC
The primary mitigation for CVE-2026-35178 is to immediately upgrade Salesforce Workbench to version 65.0.0 or later. If upgrading is not immediately feasible, consider implementing stricter cookie validation and sanitization measures within the Workbench environment. While a direct WAF rule is unlikely to be effective, reviewing and tightening access controls to Workbench, limiting its exposure, and regularly auditing its configuration can reduce the attack surface. After upgrading, confirm the fix by attempting a timezone conversion with a crafted cookie and verifying that the application does not execute arbitrary code.
Upgrade Workbench to version 65.0.0 or later to mitigate the remote code execution vulnerability. This update corrects how attacker-controlled cookie values are handled during timezone conversion, preventing the execution of malicious code.
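One way to apply the stricter cookie validation the mitigation paragraphs describe, as an added example that is not Workbench's own code: the timezone name is accepted from a cookie only after a shape check and an Intl lookup against the runtime's IANA zone list, and any other value falls back to UTC before it can reach conversion logic. The cookie name `tz` and the sample Cookie headers are assumptions.

```javascript
// Added illustrative code, not part of Workbench. Assumption: the timezone
// preference arrives in a cookie named "tz"; the sample headers are constructed.

// Only the characters that appear in IANA zone identifiers, at most three
// path segments (e.g. America/Argentina/Buenos_Aires), bounded length.
const TZ_PATTERN = /^[A-Za-z][A-Za-z0-9_+-]*(\/[A-Za-z0-9_+-]+){0,2}$/;

function isValidTimeZone(name) {
  if (typeof name !== 'string' || name.length > 64 || !TZ_PATTERN.test(name)) {
    return false;
  }
  try {
    // Intl throws a RangeError for identifiers the runtime does not know.
    const resolved = new Intl.DateTimeFormat('en-US', { timeZone: name });
    return resolved.resolvedOptions().timeZone.length > 0;
  } catch (err) {
    return false;
  }
}

function safeDecode(value) {
  try { return decodeURIComponent(value); } catch (err) { return value; }
}

// Minimal Cookie header parser: first occurrence of a name wins.
function parseCookies(header) {
  const jar = {};
  for (const part of (header || '').split(';')) {
    const idx = part.indexOf('=');
    if (idx <= 0) continue;
    const key = part.slice(0, idx).trim();
    if (key && !(key in jar)) jar[key] = safeDecode(part.slice(idx + 1).trim());
  }
  return jar;
}

// Returns a trusted zone name: the cookie value only if it validates, else UTC.
function timeZoneFromCookie(header, cookieName = 'tz', fallback = 'UTC') {
  const raw = parseCookies(header)[cookieName];
  return isValidTimeZone(raw) ? raw : fallback;
}

// Conversion step that only ever sees a validated zone name.
function formatInZone(isoTimestamp, header) {
  const timeZone = timeZoneFromCookie(header);
  const fmt = new Intl.DateTimeFormat('en-US', {
    timeZone, hour12: false, year: 'numeric', month: '2-digit',
    day: '2-digit', hour: '2-digit', minute: '2-digit',
  });
  return { timeZone, local: fmt.format(new Date(isoTimestamp)) };
}
```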
CVE-2026-35178 is a Remote Code Execution vulnerability in Salesforce Workbench versions before 65.0.0, allowing attackers to potentially execute code through insecure cookie processing.
If you are using Salesforce Workbench versions prior to 65.0.0, you are potentially affected by this vulnerability. Check your current version and upgrade immediately.
The recommended fix is to upgrade Salesforce Workbench to version 65.0.0 or later. If immediate upgrade is not possible, implement stricter cookie validation.
As of now, there are no publicly known active exploits for CVE-2026-35178, but the potential for exploitation remains due to the RCE nature of the vulnerability.
Refer to the official Salesforce security advisory for detailed information and updates regarding CVE-2026-35178.