- Description
- A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update to hosted instances in October 2025. Security updates have also been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Additionally, the vulnerability is addressed in the listed Store App versions. We recommend that customers promptly apply an appropriate security update or upgrade if they have not already done so.
- Source
- psirt@servicenow.com
- NVD status
- Analyzed
- Products
- now_assist_ai_agents, virtual_agent_api
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:H/U:Amber
- Severity
- CRITICAL
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@servicenow.com
- CWE-250
- Hype score
- Not currently trending
Authentication at the perimeter is not authorization inside the workflow. CVE-2025-12420 documented exactly this: platforms authenticated the agent session correctly, then performed zero per-action authorization verification on tool calls. Unauthenticated attackers
@_MrDecentralize
26 Feb 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #AIsecurity AI Identity Theft: Critical ServiceNow Flaw (CVE-2025-12420) Allows Unauthenticated Impersonation https://t.co/k6CsYcgVoq
@Komodosec
17 Feb 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow https://t.co/fMpCtUHfst #cyber #threathunting #infosec
@blueteamsec1
16 Feb 2026
467 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
🚨 NEW: "BodySnatcher" vulnerability (CVE-2025-12420) in ServiceNow's AI agents allowed attackers to impersonate ANY user—including admins—with just an email address. No password. No MFA. Just an email. Here's how a hardcoded secret turned AI agents into backdoors 🧵
@dennysentinel
12 Feb 2026
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
An attacker with just your email address could hijack ServiceNow AI agents to create admin accounts. BodySnatcher (CVE-2025-12420) is the first major 'agentic blast radius' vulnerability. Here's why it changes everything about enterprise security. https://t.co/91UaB6LNUf
@pulsemarkai
26 Jan 2026
34 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 BodySnatcher: a serious flaw in #ServiceNow #AI that allowed user impersonation without authentication! #ServiceNow disclosed the critical "BodySnatcher" vulnerability (CVE-2025-12420) in the #ServiceNowAI platform. This vulnerability (CVSS
@glitch4techs
24 Jan 2026
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow #cybersecurity #cybersecurityawareness #cybersecurityexpert https://t.co/bc4GN4yuq4
@mehrdad_sharbaf
22 Jan 2026
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - cyberdudebivash/CYBERDUDEBIVASH-ServiceNow-AI-Agent-Audit-Script: This script audits ServiceNow AI Agents for vulnerabilities like CVE-2025-12420, governance gaps, and compliance risks. https://t.co/CfDsFUokAY
@akaclandestine
19 Jan 2026
727 Impressions
0 Retweets
3 Likes
6 Bookmarks
0 Replies
0 Quotes
CVE-2025-12420: How Static Secrets and AI Auto-Linking Broke ServiceNow MFA Read the full report on - https://t.co/gnvKOP9bsz https://t.co/klzs1Cj7Qq
@cyberbivash
19 Jan 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BodySnatcher: Critical ServiceNow AI Flaw Enables Unauthenticated User Impersonation A critical flaw (CVE-2025-12420) in ServiceNow’s Virtual Agent API and Now Assist AI Agents allows attackers to impersonate any user using only an email address, bypassing MFA/SSO due to a
@ThreatSynop
19 Jan 2026
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BodySnatcher (CVE-2025-12420) Lets Unauthenticated Attackers Impersonate ServiceNow Users A critical ServiceNow AI Platform flaw (CVSS 9.3) could allow unauthenticated attackers to impersonate any user and execute actions with that user’s permissions, enabling data access,
@ThreatSynop
19 Jan 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-12420: How a Hardcoded Secret and Auto-Linking Logic Weaponized ServiceNow’s Virtual Agent API Read the full report on - https://t.co/3QbjqDTxKj https://t.co/3xZ5OLYnoN
@cyberbivash
15 Jan 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: Critical privilege escalation vulnerability in the #ServiceNow AI Platform. CVE-2025-12420 CVSS: 9.6. An unauthenticated attacker can impersonate another user and perform operations as that other user. More info: https://t.co/wTb539hE8q #Patch #Patch #Patch
@CCBalert
15 Jan 2026
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Update: ServiceNow AI Platform flaw allows user impersonation! 😱CVE-2025-12420, CVSS 9.3! #ServiceNow #CyberSecurity #BodySnatcher Source: https://t.co/6KQNzDmXDA
@HackingRabbitS
15 Jan 2026
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
@ServiceNow has released emergency security updates to address a critical vulnerability (CVE-2025-12420, CVSS score 9.3) that allows unauthorized access. The attack mechanism relies on impersonating user identities via
@cyberscastx
15 Jan 2026
363 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
ServiceNow fixes a critical flaw in its AI platform: a serious bug (CVE-2025-12420) allowed unauthenticated users to impersonate others and perform arbitrary actions; a patch is already available for essential versions to avoid risks. https://t.co/fhcfZinK7N
@caveiratech
14 Jan 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 Hot off the press: CVE insights! Learn how CVE-2025-12420 impacts ServiceNow AI, enables unauthorized access, and how to secure your SaaS systems against advanced impersonation and injection attacks.
@PurpleOps_io
14 Jan 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 Hot off the press: CVE insights! CVE-2025-12420 exploits AI logic in ServiceNow to impersonate users without login. See how attackers bypass SSO and what to patch fast. 🔗 Get the complete details
@PurpleOps_io
14 Jan 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical ServiceNow AI Platform Flaw Lets Unauthenticated Attackers Impersonate Users (CVE-2025-12420) CVE-2025-12420 enables unauthenticated user impersonation in ServiceNow’s AI Platform, allowing attackers to execute actions with a victim’s permissions and potentially
@ThreatSynop
14 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️ New Research Drop ‼️ I’m excited to share my latest @AppOmniSecurity Labs research: a CVSS 9.3 critical vulnerability in #ServiceNow’s AI platform. It's dubbed "BodySnatcher" (CVE-2025-12420) because of its novel exploit path: it allowed an unauthenticated atta
@ConspiracyProof
13 Jan 2026
7770 Impressions
28 Retweets
79 Likes
44 Bookmarks
1 Reply
3 Quotes
AI bug in ServiceNow allowed impersonation CVE-2025-12420 is patched, but some instances may still be exposed Update Now Assist and Virtual Agent components to the latest versions and tighten permissions to avoid account hijacks Did you patch yet? https://t.co/p32j13Xdm6
@superman_space
13 Jan 2026
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-12420: Why identity on AI platforms needs a fundamental change. ServiceNow has just disclosed a critical vulnerability (CVSS 9.3) in its AI platform that allows an UNAUTHENTICATED attacker to impersonate any user and perform actions in
@dilithium3core
13 Jan 2026
64 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 ServiceNow patched a critical AI Platform flaw enabling unauthenticated user impersonation and actions as the victim. CVE-2025-12420 (CVSS 9.3) affects Now Assist and Virtual Agent. Fixed Oct 30. No known exploitation. 🔗 Details here → https://t.co/x4JNupmYTF
@TheHackersNews
13 Jan 2026
6722 Impressions
17 Retweets
65 Likes
7 Bookmarks
0 Replies
1 Quote
Critical ServiceNow AI flaw (CVE-2025-12420, 9.3 CVSS) allowed unauthenticated impersonation. Patch now! 🚨 Link: https://t.co/jLVdXxjuO7 #ServiceNow #Cybersecurity #Vulnerability #AIPlatform
@0xT3chn0m4nc3r
13 Jan 2026
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ServiceNow AI Platform hit by critical flaw CVE-2025-12420 allowing unauthenticated user impersonation and privilege escalation. Discovered by AppOmni in Oct 2025, remediation is underway. https://t.co/0XymddXiR3
@threatcluster
13 Jan 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Critical flaw in ServiceNow AI reveals enterprise blind spots WHAT PEOPLE SAW ServiceNow recently patched a critical vulnerability, CVE-2025-12420, in its AI Platform. On the surface, it seemed like a routine update to fix a bug before any exploits happened. WHAT WAS https
@photogrim_
13 Jan 2026
65 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical ServiceNow AI Platform Bug Lets Unauthenticated Attackers Impersonate Users (CVE-2025-12420) A CVSS 9.3 flaw in ServiceNow’s AI Platform can allow unauthenticated user impersonation, enabling privilege escalation and any actions permitted to the targeted account (
@ThreatSynop
13 Jan 2026
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-12420 (CVSS 9.3): Unauthenticated Privilege Escalation in ServiceNow AI Platform ServiceNow is vulnerable to unauthenticated privilege escalation in its AI Platform, allowing attackers to impersonate users and perform unauthorized actions without authentication. ht
@zoomeye_team
13 Jan 2026
5683 Impressions
24 Retweets
63 Likes
30 Bookmarks
0 Replies
1 Quote
ServiceNow's AI got hacked - CVE-2025-12420 allows unauthenticated users to impersonate anyone. Time to patch before the bad guys take control. #servicenow #cybersecurity #cve #vulnerability https://t.co/KLTuSJJsbQ
@xplain_it_again
13 Jan 2026
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-12420 A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations tha… https://t.co/Fn7UedEo6D
@CVEnew
12 Jan 2026
194 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:now_assist_ai_agents:*:*:*:*:*:*:*:*",
"matchCriteriaId": "981D4C38-EC4B-42F1-96D2-83B02403ABD2",
"versionEndExcluding": "5.1.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:now_assist_ai_agents:*:*:*:*:*:*:*:*",
"matchCriteriaId": "160208ED-E032-4B34-BC89-0AC7B2C0808A",
"versionEndExcluding": "5.2.19",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:virtual_agent_api:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B619348E-A16D-4A69-9CB6-58A2FFC0BAED",
"versionEndExcluding": "3.15.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:virtual_agent_api:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8C6775-D097-491A-9246-0C691EB680E3",
"versionEndExcluding": "4.0.4",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]