A critical security threat to ServiceNow AI Platform deployments, allowing unauthenticated attackers to impersonate legitimate users and execute unauthorized operations. The vulnerability, CVE-2025-12420, was discovered by AppOmni, a SaaS security firm, and disclosed to ServiceNow in October 2025, prompting immediate remediation efforts. The privilege escalation flaw within ServiceNow’s AI Platform infrastructure enables attackers without authentication […]
The post Critical ServiceNow Vulnerability Enables Privilege Escalation Via Unauthenticated User Impersonation appeared first on Cyber Security News.
This article has been indexed from Cyber Security News
Read the original article: