Critical ‘BodySnatcher’ Vulnerability Exposes ServiceNow AI Agents to Hackers

‘BodySnatcher’ flaw lets hackers hijack ServiceNow AI agents

AppOmni recently uncovered a critical security vulnerability in ServiceNow, tracked as CVE-2025-12420, that allows attackers to impersonate users via the ServiceNow Virtual Agent API and the Now Assist AI Agents application. Dubbed “BodySnatcher,” the flaw enables unauthorized access to administrative functions, potentially leading to the creation of backdoor accounts and exposure of sensitive data. The vulnerability affects on-premise ServiceNow instances running specific versions, including 5.0.24 to 5.2.18 of Now Assist AI Agents and 3.15.1 and earlier of the Virtual Agent API. Users are urged to upgrade to patched versions to mitigate the risk.

With AI-driven tools increasingly used in enterprise environments, AppOmni emphasizes the need for stronger authentication measures to protect against such vulnerabilities. The situation highlights the importance of implementing robust security protocols, particularly as organizations integrate AI agents into sensitive processes. For ServiceNow customers, especially those in Fortune 100 enterprises, proactive measures are essential for safeguarding against potential exploits.
