CVE-2025-64318

5.3 MEDIUM

📋 TL;DR

This vulnerability allows attackers to manipulate LLM prompts to write malicious content to configuration files in Salesforce Mulesoft Anypoint Code Builder. Attackers could potentially modify system settings or inject malicious code. Organizations using vulnerable versions of Mulesoft Anypoint Code Builder are affected.

💻 Affected Systems

Products:
  • Salesforce Mulesoft Anypoint Code Builder
Versions: All versions before 1.12.1
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems where LLM prompting features are enabled and configuration files are writable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through malicious configuration file modifications leading to remote code execution or data exfiltration.

🟠 Likely Case

Unauthorized modification of configuration files leading to service disruption, privilege escalation, or data manipulation.

🟢 If Mitigated

Limited impact with proper input validation and file permission controls in place.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires access to LLM prompting functionality and knowledge of vulnerable file paths.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.12.1

Vendor Advisory: https://help.salesforce.com/s/articleView?id=005228032&type=1

Restart Required: Yes

Instructions:

1. Back up the current configuration.
2. Download and install version 1.12.1 from official Salesforce sources.
3. Restart the Anypoint Code Builder service.
4. Verify that the update completed successfully.

🔧 Temporary Workarounds

Disable LLM Prompting Features

all

Temporarily disable LLM integration features that accept external input.

# Check documentation for specific configuration settings to disable LLM features

Restrict Configuration File Permissions

linux

Make configuration files read-only for non-administrative users.

chmod 644 /path/to/config/files/*.properties
chown root:root /path/to/config/files/*.properties

🧯 If You Can't Patch

  • Implement strict input validation for all LLM prompt inputs
  • Monitor and audit all configuration file modifications

🔍 How to Verify

Check if Vulnerable:

Check the installed version of Mulesoft Anypoint Code Builder. If version is below 1.12.1, the system is vulnerable.

Check Version:

# Check version in application interface or configuration files

Verify Fix Applied:

Confirm version is 1.12.1 or higher and test LLM prompting functionality with malicious input attempts.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized configuration file modification attempts
  • Unusual LLM prompt patterns
  • Failed write attempts to protected files

Network Indicators:

  • Unusual API calls to LLM services
  • Suspicious file transfer patterns

SIEM Query:

source="anypoint-logs" AND (event="config_modification" OR event="llm_prompt") AND user!="admin"
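The query above flags non-admin prompt and config-write events separately; the attack this CVE describes is a prompt followed by a config write. Added example (not part of this advisory): the same predicate applied to constructed key="value" log lines, plus a correlation that pairs a user's LLM prompt with a config modification by the same user inside a time window. The key="value" layout and the ts field are assumptions, not the product's real log format.

```python
import re

# Constructed sample records in key="value" form (not real Anypoint Code Builder logs).
# ts is seconds since epoch; the format itself is an assumption for this example.
SAMPLE_LOGS = [
    'ts="1700000000" source="anypoint-logs" event="llm_prompt" user="admin"',
    'ts="1700000005" source="anypoint-logs" event="config_modification" user="admin" path="/opt/acb/conf/app.properties"',
    'ts="1700000100" source="anypoint-logs" event="llm_prompt" user="dev1"',
    'ts="1700000130" source="anypoint-logs" event="config_modification" user="dev1" path="/opt/acb/conf/app.properties"',
    'ts="1700000200" source="other-app" event="config_modification" user="dev2" path="/etc/hosts"',
    'ts="1700000300" source="anypoint-logs" event="config_modification" user="dev3" path="/opt/acb/conf/app.properties"',
    'ts="1700000400" source="anypoint-logs" event="login" user="dev1"',
]

KV_RE = re.compile(r'(\w+)="([^"]*)"')


def parse_record(line):
    """Turn one key="value" log line into a dict."""
    return dict(KV_RE.findall(line))


def matches_siem_query(rec):
    """Same predicate as the SIEM query: anypoint source, prompt-or-config event, non-admin user."""
    return (rec.get("source") == "anypoint-logs"
            and rec.get("event") in ("config_modification", "llm_prompt")
            and rec.get("user") != "admin")


def find_hits(lines):
    """Records the SIEM query would return, in log order."""
    return [r for r in map(parse_record, lines) if matches_siem_query(r)]


def correlate_prompt_to_write(lines, window=300):
    """Flag a non-admin config write that follows that same user's LLM prompt within `window` seconds.

    Returns (user, path, seconds_between) tuples; a lone config write with no preceding
    prompt is left to the plain query rather than flagged here.
    """
    last_prompt = {}  # user -> ts of most recent llm_prompt
    alerts = []
    for rec in find_hits(lines):
        user, ts = rec["user"], int(rec["ts"])
        if rec["event"] == "llm_prompt":
            last_prompt[user] = ts
        elif user in last_prompt and ts - last_prompt[user] <= window:
            alerts.append((user, rec.get("path"), ts - last_prompt[user]))
    return alerts
```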
