CVE-2025-64322

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Salesforce Agentforce Vibes Extension versions prior to 3.2.0

Description An incorrect permission assignment for a critical resource exists in Salesforce Agentforce Vibes Extension, allowing manipulation of writable configuration files.

Recommendations Update Salesforce Agentforce Vibes Extension to version 3.2.0 or later.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2025-64322

Affected Products

Salesforce Agentforce Vibes Extension

CVE-2025-64322

Weakness Enumeration

Related Identifiers

Affected Products

References · 6