ServiceNow Addresses Critical AI Platform Vulnerability Allowing Unauthenticated User Impersonation
ServiceNow has recently addressed a significant security vulnerability within its AI Platform, identified as CVE-2025-12420, which could have allowed unauthenticated users to impersonate others and execute actions on their behalf. This flaw, carrying a CVSS score of 9.3 out of 10, posed a substantial risk to organizations utilizing the platform.
The vulnerability was discovered by Aaron Costello, Chief of SaaS Security Research at AppOmni, in October 2025. It enabled attackers without authentication to assume the identity of legitimate users, granting them the ability to perform operations permitted to the impersonated accounts. Such unauthorized access could lead to data breaches, unauthorized data modifications, and potential escalation of privileges within affected systems.
In response, ServiceNow promptly deployed a security update on October 30, 2025, to the majority of its hosted instances. The company also provided patches to self-hosted customers, partners, and those with unique configurations to ensure comprehensive protection against this vulnerability.
The following versions include the fix for CVE-2025-12420:
– Now Assist AI Agents (sn_aia): Versions 5.1.18 or later and 5.2.19 or later.
– Virtual Agent API (sn_va_as_service): Versions 3.15.2 or later and 4.0.4 or later.
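As an added example (not ServiceNow's or AppOmni's code), the following check compares an installed plugin version against the fixed versions listed above, branch by branch, so that a 5.2.x build below 5.2.19 is not mistaken for fixed merely because it sorts above 5.1.18. The plugin IDs and fixed versions come from the advisory; the sample inventory is constructed, and retrieving installed versions from an instance is assumed to happen elsewhere.

```python
"""Branch-aware check of ServiceNow plugin versions against the CVE-2025-12420 fixes.

Added example, not ServiceNow's or AppOmni's code. Fixed versions are those in the
advisory; the installed versions in the sample are constructed. How you obtain the
installed plugin versions from an instance is outside this example.
"""
from typing import Dict, List, Tuple

# Minimum fixed version per release branch (from the advisory).
FIXED_VERSIONS: Dict[str, List[str]] = {
    "sn_aia": ["5.1.18", "5.2.19"],           # Now Assist AI Agents
    "sn_va_as_service": ["3.15.2", "4.0.4"],  # Virtual Agent API
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '5.2.19' into (5, 2, 19); reject anything non-numeric."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(plugin: str, installed: str) -> str:
    """Return 'fixed', 'vulnerable' or 'unknown' for one installed plugin version."""
    if plugin not in FIXED_VERSIONS:
        return "unknown"
    inst = parse_version(installed)
    # Only fixes from the same major release are comparable.
    fixes = sorted(f for f in map(parse_version, FIXED_VERSIONS[plugin]) if f[0] == inst[0])
    if not fixes:
        return "unknown"                 # major release not covered by the advisory
    if inst < fixes[0]:
        return "vulnerable"              # predates the earliest fix in this major release
    for fix in fixes:
        if inst[:2] == fix[:2]:          # same maintenance branch (major.minor)
            return "fixed" if inst >= fix else "vulnerable"
    return "unknown"                     # newer branch the advisory does not list


def assess_instance(installed: Dict[str, str]) -> Dict[str, str]:
    """Assess every affected plugin in an inventory; plugins not in the advisory are skipped."""
    return {p: assess(p, v) for p, v in installed.items() if p in FIXED_VERSIONS}


if __name__ == "__main__":
    # Constructed sample inventory, not data from a real instance.
    sample = {"sn_aia": "5.2.5", "sn_va_as_service": "4.0.4", "sn_other": "1.0.0"}
    for plugin, status in assess_instance(sample).items():
        print(f"{plugin}: {sample[plugin]} -> {status}")
```

A result of "unknown" means the installed build is on a branch the advisory does not list, and should be confirmed against ServiceNow's own guidance rather than assumed safe.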
ServiceNow has urged all users to apply the appropriate security updates or upgrades promptly to mitigate potential threats. While there is no evidence of this vulnerability being exploited in the wild, proactive measures are essential to maintain system integrity and security.
This disclosure follows a previous revelation by AppOmni, nearly two months prior, highlighting that malicious actors could exploit default configurations in ServiceNow’s Now Assist generative AI platform. Such exploitation could lead to second-order prompt injection attacks, enabling unauthorized actions like data exfiltration, record modifications, and privilege escalation.
Organizations utilizing ServiceNow’s AI Platform are strongly advised to review their systems, apply the necessary patches, and remain vigilant against potential security threats. Regular updates and adherence to security best practices are crucial in safeguarding sensitive information and maintaining operational integrity.