- ServiceNow patches critical AI Platform flaw (CVE-2025-12420) enabling user impersonation
- “BodySnatcher” scored 9.3/10 and affected multiple app versions
- No exploitation seen yet; experts warn unpatched systems remain at risk post-fix
ServiceNow, one of the most popular cloud platforms for automating IT and business workflows, has said it recently patched a critical-severity vulnerability which allowed threat actors to impersonate other users and perform arbitrary actions in their stead.
The company revealed SaaS security outfit AppOmni notified it of a critical privilege escalation vulnerability within its AI Platform in October 2025. Following an investigation, the company started tracking the bug as CVE-2025-12420 and gave it a severity score of 9.3/10 (critical).
“This issue […] could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform,” the advisory reads. “On October 30, 2025, ServiceNow addressed this vulnerability by deploying a relevant security update to the majority of hosted instances,” it further stated. “Security updates were also provided to ServiceNow partners and self-hosted customers. Additionally, the vulnerability is addressed in the listed Store App versions.”
Biggest bug ever?
The patches were released for these versions:
Now Assist AI Agents (sn_aia) – 5.1.18 or later and 5.2.19 or later
Virtual Agent API (sn_va_as_service) – 3.15.2 or later and 4.0.4 or later
So far, there is no evidence that the vulnerability is being abused in the wild. However, it’s not unusual for a bug to start being exploited only after the release of a fix. Many cybercriminals don’t have the knowledge or the resources to hunt for zero-days, and instead just rely on the fact that many businesses fail to patch their software on time.
AppOmni, who discovered the flaw, dubbed it “BodySnatcher”.
“BodySnatcher is the most severe AI-driven vulnerability uncovered to date: Attackers could have effectively ‘remote controlled’ an organization’s AI, weaponizing the very tools meant to simplify the enterprise,” a researcher told The Hacker News.
Via The Hacker News
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
