January 15, 2026 // Vulnerability | #CVE-2025-12420 #User Impersonation #ServiceNow AI Platform

ServiceNow patches critical AI Platform vulnerability enabling user impersonation - SC Media

ServiceNow has patched CVE-2025-12420, dubbed "BodySnatcher," a critical AI Platform vulnerability with a CVSS score of 9.3. This flaw allowed unauthenticated attackers to impersonate users and execute arbitrary actions within affected Now Assist AI Agents and Virtual Agent APIs.

Source: Original Report ↗
← Back to Feed