- ServiceNow patches critical AI Platform flaw (CVE-2025-12420) enabling user impersonation
- “BodySnatcher” scored 9.3/10 and affected multiple app versions
- No exploitation seen yet; experts warn unpatched systems remain at risk post-fix
ServiceNow, a leading platform for automating IT and business workflows, has announced the resolution of a critical vulnerability that allowed malicious actors to impersonate users and execute unauthorized actions.
The vulnerability, identified by SaaS security firm AppOmni, was reported in October 2025 and tracked as CVE-2025-12420, receiving a critical severity score of 9.3/10.
According to the advisory, “This issue [...] could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform.” On October 30, 2025, ServiceNow deployed a security update to most hosted instances, along with updates for partners and self-hosted customers. The vulnerability has also been addressed in the specified Store App versions.
Biggest bug ever?
The patches were released for these versions:
- Now Assist AI Agents (sn_aia): 5.1.18 or later and 5.2.19 or later
- Virtual Agent API (sn_va_as_service): 3.15.2 or later and 4.0.4 or later
Currently, there is no evidence of the vulnerability being exploited in the wild. However, it is not uncommon for vulnerabilities to be targeted after a fix is released, as many organizations fail to apply patches promptly.
AppOmni, the firm that discovered the flaw, has named it “BodySnatcher.”
According to a researcher, "BodySnatcher is the most severe AI-driven vulnerability uncovered to date: Attackers could have effectively 'remote controlled' an organization's AI, weaponizing the very tools meant to simplify the enterprise," as reported by The Hacker News.
Via The Hacker News
