

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
Published:
13 January 2026 at 11:47:00
Alert date:
13 January 2026 at 12:01:15
Source:
thehackernews.com
Enterprise Applications, Identity & Access, Emerging Technologies
ServiceNow patched a critical security vulnerability (CVE-2025-12420) in its AI Platform with a CVSS score of 9.3. The flaw allows unauthenticated attackers to impersonate other users and perform arbitrary actions as that user. This represents a severe authentication bypass vulnerability in ServiceNow's enterprise platform that could lead to unauthorized access and privilege escalation. The high CVSS score indicates significant potential impact on confidentiality, integrity, and availability of affected systems.
Technical details
This is a critical security flaw in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability carries a CVSS score of 9.3 out of 10.0. It allows unauthenticated users to perform any operation that the impersonated user is entitled to perform. The flaw is related to second-order prompt injection attacks, which can be weaponized to execute unauthorized actions, copy and exfiltrate sensitive corporate data, modify records, and escalate privileges.
Mitigation steps:
Apply security updates as soon as possible. Update to the fixed versions: Now Assist AI Agents (sn_aia) 5.1.18 or later and 5.2.19 or later; Virtual Agent API (sn_va_as_service) 3.15.2 or later and 4.0.4 or later. ServiceNow deployed the security update to the majority of hosted instances on October 30, 2025, and shared patches with ServiceNow partners and self-hosted customers.
Affected products:
ServiceNow AI Platform
Now Assist AI Agents (sn_aia) - versions prior to 5.1.18 and 5.2.19
Virtual Agent API (sn_va_as_service) - versions prior to 3.15.2 and 4.0.4
ServiceNow Now Assist generative AI platform
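The fixed versions above are branch-specific (a 5.2.5 install of sn_aia is newer than 5.1.18 yet still unpatched), so a plain "greater than" check is wrong. The following is an added example, not ServiceNow's own tooling: it classifies each plugin version in a constructed inventory against the fixed versions listed in this alert, treating release branches the alert does not mention as unknown rather than guessing.

```python
# Added example: branch-aware check of installed plugin versions against the
# fixed versions published for CVE-2025-12420 (taken from the alert above).
# Keyed by plugin id; each value maps a release branch (major, minor) to the
# first patch level on that branch that contains the fix.
FIXED_VERSIONS = {
    "sn_aia": {(5, 1): 18, (5, 2): 19},
    "sn_va_as_service": {(3, 15): 2, (4, 0): 4},
}

def parse_version(version: str) -> tuple:
    """Parse 'major.minor.patch' into a tuple of ints; reject anything else."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected version format: {version!r}")
    return tuple(int(p) for p in parts)

def assess(plugin: str, version: str) -> str:
    """Return 'fixed', 'vulnerable' or 'unknown' for one installed plugin."""
    if plugin not in FIXED_VERSIONS:
        return "unknown"          # not one of the plugins named in the alert
    major, minor, patch = parse_version(version)
    branches = FIXED_VERSIONS[plugin]
    if (major, minor) in branches:
        # Same branch as a listed fix: compare the patch level only.
        return "fixed" if patch >= branches[(major, minor)] else "vulnerable"
    if (major, minor) < min(branches):
        # Older than every branch that received a fix, so "prior to" applies.
        return "vulnerable"
    # A newer branch the alert does not list: confirm against the KB article
    # rather than assume the fix is present.
    return "unknown"

def scan(inventory: dict) -> dict:
    """Classify every (plugin -> version) entry of an instance inventory."""
    return {plugin: assess(plugin, ver) for plugin, ver in inventory.items()}

# Constructed sample inventory (hypothetical instance, not real data).
SAMPLE_INVENTORY = {
    "sn_aia": "5.2.5",              # newer than 5.1.18 but below 5.2.19
    "sn_va_as_service": "4.0.4",    # exactly the fixed version
    "com.glide.other": "1.0.0",     # unrelated plugin
}

if __name__ == "__main__":
    for plugin, status in scan(SAMPLE_INVENTORY).items():
        print(f"{plugin}: {status}")
```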
Related links:
https://www.cve.org/CVERecord?id=CVE-2025-12420
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2587329
https://thehackernews.com/2025/11/servicenow-ai-agents-can-be-tricked.html
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.

