Critical ServiceNow AI Vulnerability (CVE-2025-12420) Exposes Privilege Escalation Risk
On 13 January 2026, cybersecurity researchers disclosed CVE-2025-12420, a critical vulnerability in ServiceNow’s AI platform with a severity score of 9.3/10. The flaw, which could enable unauthenticated attackers to impersonate legitimate users, posed a severe risk of privilege escalation, potentially allowing outsiders to access systems as privileged employees without credentials.
The vulnerability was first identified in October 2025 by SaaS security firm AppOmni, with researcher Aaron Costello contributing to its disclosure. ServiceNow responded swiftly, releasing security updates on 30 October 2025 to mitigate the threat for most hosted instances. However, self-hosted customers were urged to apply patches immediately, as the issue remained unaddressed in their environments.
The flaw specifically impacted two ServiceNow Store applications:
- Now Assist AI Agents (sn_aia) – Required updates to 5.1.18+ or 5.2.19+.
- Virtual Agent API (sn_va_as_service) – Required updates to 3.15.2+ or 4.0.4+.
While ServiceNow reported no known exploits at the time of disclosure, the company warned that publicly disclosed vulnerabilities heighten risk, emphasizing the need for affected customers to review the advisory. The incident underscores the growing security challenges in AI-driven enterprise platforms and the importance of rapid patching for both cloud and on-premises deployments.
ServiceNow TPRM report: https://www.rankiteo.com/company/servicenow
{
"id": "ser1768373239",
"linkid": "servicenow",
"type": "Vulnerability",
"date": "1/2026",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
}
{'affected_entities': [{'customers_affected': 'Hosted and self-hosted ServiceNow customers using affected Store applications',
                        'industry': 'Software (SaaS, AI, IT Service Management)',
                        'name': 'ServiceNow',
                        'type': 'Technology Company'}],
 'attack_vector': 'Impersonation without authentication',
 'customer_advisories': 'Customers were advised to update affected applications or apply patches immediately.',
 'date_detected': '2025-10',
 'date_publicly_disclosed': '2026-01-13',
 'date_resolved': '2025-10-30',
 'description': 'A critical flaw has been identified in ServiceNow’s artificial intelligence platform, with a severity score of 9.3 out of 10. This vulnerability, classified as CVE-2025-12420, could allow attackers to impersonate legitimate users without authenticating. The issue remains a significant risk of privilege escalation.',
 'impact': {'identity_theft_risk': 'High (impersonation of privileged users)',
            'systems_affected': 'ServiceNow AI platform (Now Assist AI Agents, Virtual Agent API)'},
 'investigation_status': 'Resolved for hosted instances; ongoing for self-hosted instances',
 'post_incident_analysis': {'corrective_actions': 'Security updates and patches released for affected applications',
                            'root_causes': 'Critical flaw in ServiceNow AI platform allowing unauthenticated impersonation'},
 'recommendations': 'Self-hosted customers should update affected Store applications immediately to the latest versions (Now Assist AI Agents: 5.1.18+ or 5.2.19+; Virtual Agent API: 3.15.2+ or 4.0.4+).',
 'references': [{'date_accessed': '2026-01-13', 'source': 'Redazione RHC'},
                {'source': 'ServiceNow Advisory'},
                {'source': 'AppOmni'}],
 'response': {'communication_strategy': 'Public advisory issued to customers and partners',
              'containment_measures': 'Security updates released for hosted instances',
              'incident_response_plan_activated': 'Yes',
              'remediation_measures': 'Patches released for affected Store applications (Now Assist AI Agents, Virtual Agent API)',
              'third_party_assistance': 'AppOmni (SaaS security firm), researcher Aaron Costello'},
 'stakeholder_advisories': 'ServiceNow issued advisories to customers and partners regarding the vulnerability and remediation steps.',
 'title': 'ServiceNow AI Vulnerability CVE-2025-12420: Critical Security Risk',
 'type': 'Privilege Escalation',
 'vulnerability_exploited': 'CVE-2025-12420'}