Critical Configuration Risks Discovered in Salesforce Industry Cloud
A team of cybersecurity researchers from AppOmni recently identified more than 20 configuration-related vulnerabilities in Salesforce Industry Cloud—Salesforce’s low-code platform for industries like healthcare, finance, and telecom. While these platforms streamline development, improper configurations can expose sensitive data and create serious security gaps.
The risks span key components such as FlexCards, Data Mappers, Integration Procedures (IProcs), Data Packs, OmniOut, and OmniScript Saved Sessions. Poorly secured setups could let attackers or unauthorized insiders view encrypted data, hijack sessions, steal credentials, or manipulate business processes.
Five of the most critical issues have been assigned CVE identifiers:
- CVE-2025-43697: Failure to enforce Field-Level Security in Data Mappers, exposing encrypted field values.
- CVE-2025-43698: SOQL queries bypass field-level security checks, revealing protected data.
- CVE-2025-43699: FlexCard ignores the “Required Permissions” setting.
- CVE-2025-43700: FlexCard exposes classic-encrypted data without enforcing view permissions.
- CVE-2025-43701: FlexCard allows guest users to access custom settings data.
Three of these CVEs have already been addressed by Salesforce; two remain open and require manual configuration changes. Additionally, there are about 16 more configuration risks that customers must resolve themselves.
Salesforce collaborated with AppOmni to release patches and detailed configuration guidance. AppOmni also launched tools to help customers scan their environments for these vulnerabilities.
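To make the bug class behind CVE-2025-43697 and CVE-2025-43698 concrete, here is an added Apex illustration (not the affected OmniStudio code and not AppOmni’s or Salesforce’s own code) of a SOQL query that silently ignores Field-Level Security next to two forms that enforce it. The object and field names (`Patient__c`, `Diagnosis__c`) are assumptions for the example.

```apex
// Illustrative example of the FLS-bypass pattern, not the vulnerable Salesforce code.
// Object and field names below are assumptions for this example.
public with sharing class PatientLookup {

    // Weak pattern: "with sharing" enforces record-level sharing only. SOQL in Apex
    // runs in system mode by default, so the running user's Field-Level Security on
    // Diagnosis__c is ignored and the protected value is returned to any caller.
    public static List<Patient__c> findUnsafe(Id patientId) {
        return [SELECT Id, Name, Diagnosis__c
                FROM Patient__c
                WHERE Id = :patientId];
    }

    // Hardened pattern 1: run the query in user mode so both sharing rules and the
    // user's FLS are enforced. An inaccessible field raises System.QueryException
    // instead of leaking the value, which also makes the access attempt visible in logs.
    public static List<Patient__c> findUserMode(Id patientId) {
        return [SELECT Id, Name, Diagnosis__c
                FROM Patient__c
                WHERE Id = :patientId
                WITH USER_MODE];
    }

    // Hardened pattern 2: keep the query but strip every field the user cannot read
    // before returning records. This suits UI components that should degrade
    // gracefully rather than fail outright.
    public static List<Patient__c> findStripped(Id patientId) {
        List<Patient__c> rows = [SELECT Id, Name, Diagnosis__c
                                 FROM Patient__c
                                 WHERE Id = :patientId];
        SObjectAccessDecision decision =
            Security.stripInaccessible(AccessType.READABLE, rows);
        // decision.getRemovedFields() lists what was withheld; worth logging for audit.
        return (List<Patient__c>) decision.getRecords();
    }
}
```

A configuration review should ask the same question of every low-code component that reads data on a user’s behalf: is the user’s FLS applied, or is the component reading in system context and handing the result through.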
Why This Matters
Salesforce Industry Cloud empowers organizations to build applications quickly—but convenience should never come at the expense of security. Misconfigured low-code components can expose medical records, financial data, and other sensitive information to unauthorized parties.
In today’s threat landscape, attackers more often abuse overlooked misconfigurations than rely on sophisticated exploits. Organizations that rely on Salesforce Industry Cloud should review and update their security settings immediately.
Recommended Actions
- Apply Salesforce patches where available to address the three fixed CVEs.
- Manually update settings for the remaining CVEs and the additional 16 configuration issues.
- Scan configurations using AppOmni’s tools or similar solutions to identify weak spots.
- Establish regular reviews of Salesforce’s configuration settings, especially in low-code modules.
Keeping software—and especially configuration settings—secure requires ongoing attention. If you’re managing a Salesforce Industry Cloud setup, now is the time to audit and lock down those settings.