
ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that would allow an unauthenticated user to impersonate another user and perform arbitrary actions as that user.

The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0.

“This issue […] may allow an unauthenticated user to impersonate another user and carry out the operations that the impersonated user is entitled to carry out,” the company said in an advisory released Monday.

ServiceNow addressed the shortcoming on October 30, 2025, by deploying a security update to nearly all hosted instances, with the company also sharing the patches with ServiceNow partners and self-hosted customers.


The following versions include a fix for CVE-2025-12420:

  • Now Assist AI Agents (sn_aia) – 5.1.18 or later and 5.2.19 or later
  • Virtual Agent API (sn_va_as_service) – 3.15.2 or later and 4.0.4 or later
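The following added example (not ServiceNow's or AppOmni's code) triages an application inventory against the fixed versions listed above. The inventory rows are constructed, and the handling of release branches the list does not name (flag for review, or treat as patched when newer than every listed fix) is an assumption.

```python
# Fixed releases per application scope, taken from the list above.
FIXED = {
    "sn_aia": [(5, 1, 18), (5, 2, 19)],
    "sn_va_as_service": [(3, 15, 2), (4, 0, 4)],
}

def parse(version):
    """Turn '5.1.18' into (5, 1, 18); reject anything that is not three integers."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected version string: {version!r}")
    return tuple(int(p) for p in parts)

def status(scope, version):
    """Return 'patched', 'vulnerable', 'review' or 'not-listed' for one app."""
    fixed = FIXED.get(scope)
    if fixed is None:
        return "not-listed"            # scope is not one of the two listed apps
    v = parse(version)
    for f in fixed:
        if v[:2] == f[:2]:             # same major.minor branch as a fixed release
            return "patched" if v >= f else "vulnerable"
    if v > max(fixed):                 # assumption: newer than every listed fix
        return "patched"
    return "review"                    # branch not covered by the list above

def triage(inventory):
    """Map (instance, scope) -> status, skipping apps outside the list."""
    report = {}
    for instance, scope, version in inventory:
        try:
            result = status(scope, version)
        except ValueError:
            result = "review"          # unparseable version needs a human look
        if result != "not-listed":
            report[(instance, scope)] = result
    return report

# Constructed sample inventory (instance names and versions are made up).
SAMPLE = [
    ("dev", "sn_aia", "5.1.17"),
    ("test", "sn_aia", "5.2.19"),
    ("prod", "sn_va_as_service", "4.0.3"),
    ("prod", "sn_aia", "4.9.0"),
    ("lab", "sn_va_as_service", "3.15.2"),
    ("lab", "x_example_app", "1.0.0"),
]
```

Anything reported as `review` should be checked against the vendor advisory rather than assumed safe.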

ServiceNow credited Aaron Costello, chief of SaaS Security Research at AppOmni, with discovering and reporting the flaw in October 2025. While there is no evidence that the vulnerability has been exploited in the wild, users are advised to apply an appropriate security update as soon as possible to mitigate potential threats.


The disclosure comes nearly two months after AppOmni revealed that malicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct second-order prompt injection attacks.

The issue could then be weaponized to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive corporate data, modify records, and escalate privileges.
