- ServiceNow patched a critical impersonation flaw in its AI platform, tracked as CVE-2025-12420 (CVSS 9.3).
- The bug could allow an unauthenticated attacker to act as another user and perform that user’s permitted actions.
- Patches were deployed to most hosted instances on October 30, 2025, and fixes were provided to partners and self-hosted customers.
- Fixed component versions include Now Assist AI Agents (sn_aia) and Virtual Agent API (sn_va_as_service); administrators should apply updates immediately.
ServiceNow disclosed a critical vulnerability in its ServiceNow AI Platform that could let an unauthenticated actor impersonate another user and execute that user’s permitted operations. The flaw is tracked as CVE-2025-12420 and has a CVSS score of 9.3.
The company, in an advisory, stated the issue’s impact and mitigation steps. “This issue […] could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform,” the advisory said.
ServiceNow rolled out a security update to the majority of hosted instances on October 30, 2025, and shared patches with partners and self-hosted customers. There is no evidence the vulnerability has been exploited in the wild, but users are urged to apply updates quickly to reduce risk.
The fixes appear in specific component versions: Now Assist AI Agents (sn_aia) — 5.1.18 or later and 5.2.19 or later — and Virtual Agent API (sn_va_as_service) — 3.15.2 or later and 4.0.4 or later. Administrators should verify installed versions and upgrade to the listed releases.
Aaron Costello, chief of SaaS Security Research at AppOmni, discovered and reported the flaw in October 2025. This disclosure follows AppOmni’s earlier findings that default Now Assist configurations could enable second-order prompt injection attacks, which can be used to copy data, modify records, or escalate privileges.
Apply the provided security updates and review AI-agent configurations to limit exposure. The advisory linked above contains ServiceNow’s remediation guidance and version details.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Coinbase Whale Withdraws 48.53B SHIB as Accumulation Grows!!
- VanEck: Clear Fiscal, Monetary Signals Spur Risk-On 2026 Now
- X Product Head Nikita Bier Criticized Over Algorithm Shift!!
- Truebit $26M Exploit: Overflow Bug Lets Cheap TRU Mint Now!!
- BRICS de-dollarization surges as ruble, yuan dominate trade.
