ServiceNow has disclosed and fixed a critical security vulnerability in its ServiceNow AI Platform. The flaw could allow an unauthenticated user to assume the identity of another user and carry out arbitrary actions as that user.

"This issue [...] could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform," the company stated in an advisory released on Monday. The vulnerability, identified as CVE-2025-12420, has a CVSS score of 9.3 out of 10.0. On October 30, 2025, ServiceNow fixed the flaw by applying a security update to most hosted instances. The company also shared the patches with self-hosted clients and ServiceNow partners.

The fix for CVE-2025-12420 is included in Now Assist AI Agents (sn_aia) versions 5.1.18 or later and 5.2.19 or later, and in Virtual Agent API (sn_va_as_service) versions 3.15.2 or later and 4.0.4 or later. ServiceNow credited Aaron Costello, chief of SaaS Security Research at AppOmni, with discovering and reporting the vulnerability in October 2025. Although there is no evidence that the vulnerability has been exploited in the wild, users are advised to apply the appropriate security update as soon as possible.
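Before applying the update, an administrator needs to know whether each installed application is already on a fixed release. The advisory lists two release lines per application, which makes a naive numeric comparison wrong: 5.2.5 is greater than 5.1.18 but is still unpatched, because the 5.2 line is only fixed from 5.2.19. The following Python script is an added example, not ServiceNow's or AppOmni's code: it encodes the fixed versions named above and classifies an installed version as fixed, vulnerable, or not covered by the advisory. The inventory it checks is constructed sample data; how you retrieve the installed version of each scoped application from your own instance is an assumption left to the reader.

```python
"""Classify installed ServiceNow application versions against the fixed
versions listed in the advisory for CVE-2025-12420.

Added example, not ServiceNow's or AppOmni's code. The inventory at the
bottom is constructed sample data; in practice you would feed in the
installed version of each scoped application from your instance.
"""
from typing import Dict, List, Tuple

Version = Tuple[int, ...]

# Fixed versions per affected application, keyed by release line
# (major, minor). "5.1.18 or later and 5.2.19 or later" describes two
# separate release lines: an install on 5.1.x needs >= 5.1.18 and an
# install on 5.2.x needs >= 5.2.19. A flat "version >= 5.1.18" check
# would wrongly accept 5.2.0.
FIXED_VERSIONS: Dict[str, Dict[Tuple[int, int], Version]] = {
    "sn_aia": {(5, 1): (5, 1, 18), (5, 2): (5, 2, 19)},
    "sn_va_as_service": {(3, 15): (3, 15, 2), (4, 0): (4, 0, 4)},
}


def parse_version(text: str) -> Version:
    """Turn a dotted version string such as '5.1.18' into a tuple of ints.

    Tuples compare element by element, so (5, 2, 5) < (5, 2, 19) holds even
    though a string comparison of '5.2.5' and '5.2.19' would get it wrong.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def assess(app: str, version: str) -> str:
    """Return 'fixed', 'vulnerable' or 'unknown' for one installed app."""
    lines = FIXED_VERSIONS.get(app)
    if lines is None:
        return "unknown"  # application not named in the advisory
    installed = parse_version(version)
    line = installed[:2]
    if line in lines:
        # Same release line as a listed fix: compare against that fix.
        return "fixed" if installed >= lines[line] else "vulnerable"
    if installed < min(lines.values()):
        # Older than every fixed release the advisory names.
        return "vulnerable"
    # A newer release line the advisory does not list; confirm manually
    # rather than assuming it carries the fix.
    return "unknown"


def check_instance(inventory: Dict[str, str]) -> Dict[str, str]:
    """Assess every application in an installed-version inventory."""
    return {app: assess(app, ver) for app, ver in inventory.items()}


def needs_action(inventory: Dict[str, str]) -> List[str]:
    """Applications that must be upgraded or manually verified."""
    return sorted(app for app, status in check_instance(inventory).items()
                  if status != "fixed")


# Constructed sample inventory: one app on an unpatched 5.2 build and one
# already on a fixed release.
SAMPLE_INVENTORY = {
    "sn_aia": "5.2.5",
    "sn_va_as_service": "3.15.2",
}

if __name__ == "__main__":
    for app, status in check_instance(SAMPLE_INVENTORY).items():
        print(f"{app:18s} {SAMPLE_INVENTORY[app]:8s} {status}")
    print("needs action:", needs_action(SAMPLE_INVENTORY))
```

The "unknown" result is deliberate for release lines the advisory does not list (for example a 5.3.x build): the safe reading of an advisory is that only the versions it names are confirmed fixed, so anything else is flagged for manual confirmation rather than silently passed.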

Nearly two months have passed since AppOmni disclosed that malicious actors can take advantage of default configurations in Now Assist, ServiceNow's generative AI platform, and abuse its agentic capabilities to carry out second-order prompt injection attacks.

Such an attack could then be weaponized to carry out unauthorized actions, giving attackers the ability to alter records, escalate privileges, and copy and exfiltrate sensitive company data.