Platform: javascript
Component: forceworkbench
Fixed in: 65.0.1
CVE-2026-35178 describes a Remote Code Execution (RCE) vulnerability discovered in Salesforce Workbench. This vulnerability arises from the insecure handling of attacker-controlled cookie values during timezone conversion, potentially allowing unauthorized code execution within the Workbench environment. The vulnerability affects versions prior to 65.0.0 and has been resolved in version 65.0.0.
Successful exploitation of CVE-2026-35178 could grant an attacker complete control over the system running Salesforce Workbench. This could involve data exfiltration, modification of Salesforce data, installation of malicious software, or even pivoting to other systems within the network. The blast radius extends to any sensitive data stored within the Salesforce organization managed by Workbench, and the attacker could potentially compromise the entire Salesforce instance. This vulnerability highlights the importance of secure cookie handling and input validation in web applications, particularly those interacting with sensitive data.
CVE-2026-35178 was publicly disclosed on 2026-04-06. There are currently no publicly available proof-of-concept exploits. The vulnerability's impact is significant due to the potential for remote code execution, but the lack of public exploits suggests a low to medium probability of exploitation at present. Monitor security advisories and threat intelligence feeds for any updates.
Organizations utilizing Salesforce Workbench for administrative or development tasks, particularly those with custom integrations or extensions, are at risk. Environments where Workbench is exposed to untrusted networks or users are especially vulnerable. Legacy Workbench configurations with weak access controls should be prioritized for remediation.
disclosure
Exploit status
EPSS: 0.67% (percentile 71%)
CISA SSVC
The primary mitigation for CVE-2026-35178 is to immediately upgrade Salesforce Workbench to version 65.0.0 or later. If upgrading is not immediately feasible, consider implementing stricter cookie validation and sanitization measures within the Workbench environment. While a direct WAF rule is unlikely to be effective, reviewing and tightening access controls to Workbench, limiting its exposure, and regularly auditing its configuration can reduce the attack surface. After upgrading, confirm the fix by attempting a timezone conversion with a crafted cookie and verifying that the application does not execute arbitrary code.
Update Workbench to version 65.0.0 or later to mitigate the remote code execution vulnerability. This update corrects how attacker-controlled cookie values are handled during timezone conversion, preventing the execution of malicious code.
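The interim mitigation above calls for stricter validation of cookie-supplied values before they reach timezone conversion. The following is an added defensive example, not Workbench's own code: it treats the timezone taken from a cookie as untrusted input, accepts it only if it is a well-formed name that the runtime recognises as an IANA zone, and otherwise falls back to UTC. The cookie name `tz` and the header values are assumptions constructed for the example.

```javascript
// Added example (not from the Workbench project): allowlist-style validation of a
// timezone value read from a cookie before it is used for any conversion.
const TZ_COOKIE = 'tz';      // assumed cookie name
const DEFAULT_TZ = 'UTC';    // safe fallback when the cookie is missing or invalid
// Shape check first: a leading letter, then letters/digits/"_"/"+"/"-",
// with at most two "/"-separated segments (e.g. America/Argentina/Buenos_Aires).
const TZ_SHAPE = /^[A-Za-z][A-Za-z0-9_+\-]*(\/[A-Za-z0-9_+\-]+){0,2}$/;

// Parse a raw Cookie header into a name -> value map (first occurrence wins,
// malformed percent-encoding is dropped rather than passed through).
function parseCookies(header) {
  const out = {};
  for (const part of (header || '').split(';')) {
    const idx = part.indexOf('=');
    if (idx < 0) continue;
    const name = part.slice(0, idx).trim();
    let value = part.slice(idx + 1).trim();
    try { value = decodeURIComponent(value); } catch (_) { continue; }
    if (name && !(name in out)) out[name] = value;
  }
  return out;
}

// Return the canonical zone name if the runtime knows it, otherwise null.
// Intl throws a RangeError for unknown zones, which we turn into a rejection.
function canonicalTimezone(candidate) {
  if (typeof candidate !== 'string' || candidate.length > 64) return null;
  if (!TZ_SHAPE.test(candidate)) return null;
  try {
    return new Intl.DateTimeFormat('en-US', { timeZone: candidate })
      .resolvedOptions().timeZone;
  } catch (_) {
    return null;
  }
}

// The only value that should ever reach the conversion code: a validated,
// canonical zone name or the default, never the raw cookie string.
function resolveTimezoneFromCookie(cookieHeader) {
  const cookies = parseCookies(cookieHeader);
  return canonicalTimezone(cookies[TZ_COOKIE]) || DEFAULT_TZ;
}

// Constructed sample headers: one valid, one with a value that fails validation.
console.log(resolveTimezoneFromCookie('sid=abc; tz=America%2FNew_York'));
console.log(resolveTimezoneFromCookie('sid=abc; tz=Not%2FA-Zone%3B%20x'));
```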
CVE-2026-35178 is a Remote Code Execution vulnerability in Salesforce Workbench versions before 65.0.0, allowing attackers to potentially execute code through insecure cookie processing.
If you are using Salesforce Workbench versions prior to 65.0.0, you are potentially affected by this vulnerability. Check your current version and upgrade immediately.
The recommended fix is to upgrade Salesforce Workbench to version 65.0.0 or later. If immediate upgrade is not possible, implement stricter cookie validation.
As of now, there are no publicly known active exploits for CVE-2026-35178, but the potential for exploitation remains due to the RCE nature of the vulnerability.
Refer to the official Salesforce security advisory for detailed information and updates regarding CVE-2026-35178.