ServiceNow has addressed a severe security vulnerability, CVE-2025-12420, in its AI platform, allowing unauthenticated users to impersonate legitimate ones and execute unauthorized actions. Rated 9.3 out of 10 in severity, this flaw, discovered by AppOmni, was patched in hosted instances by October 30, 2025, with no evidence of exploitation before fixes. The vulnerability impacted Now Assist AI Agents and Virtual Agent API components, urging customers to upgrade to specific patched versions.
Security researchers raised alarms about configuration issues in enterprise AI systems, revealing potential second-order prompt injection attacks through agent discovery features. Such attacks can manipulate lower-privileged data fields, compromising higher-privileged agents to perform unauthorized actions. Challenges in balancing AI autonomy with security mitigations were highlighted, recommending strategies like human supervision and agent segmentation. For more details, visit ServiceNow’s website.
Source link
