CVE-2025-12420
Published: 12 January 2026
Summary
CVE-2025-12420 is a critical-severity Execution with Unnecessary Privileges (CWE-250) vulnerability in Servicenow Now Assist Ai Agents. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 16.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Other AI Platforms.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Mandates unique identification and authentication for organizational users, directly preventing unauthenticated impersonation in the ServiceNow AI Platform.
Enforces approved access authorizations for system resources, blocking impersonated users from performing unauthorized operations.
Requires timely remediation of flaws like CVE-2025-12420 through applying vendor security updates and patches.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct unauthenticated user impersonation in a public-facing SaaS platform enables remote exploitation (T1190) and identity assumption (T1656).
NVD Description
A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a…
more
relevant security update to hosted instances in October 2025. Security updates have also been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Additionally, the vulnerability is addressed in the listed Store App versions. We recommend that customers promptly apply an appropriate security update or upgrade if they have not already done so.
Deeper analysisAI
CVE-2025-12420, published on 2026-01-12, is a critical vulnerability (CVSS 9.8; CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) in the ServiceNow AI Platform, associated with CWE-250. The flaw enables an unauthenticated user to impersonate another user and perform any operations that the impersonated user is entitled to execute.
An unauthenticated attacker with network access can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows the attacker to assume the identity and privileges of the target user, potentially compromising confidentiality, integrity, and availability through unauthorized actions within the platform.
ServiceNow addressed the vulnerability by deploying a security update to hosted instances in October 2025, with updates also provided to self-hosted customers, partners, and hosted customers with unique configurations. The issue is fixed in the listed Store App versions. Customers are advised to promptly apply the relevant security update or upgrade. Additional details are available in the advisory at https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2587329.
Details
- CWE(s)
Affected Products
AI Security AnalysisAI
- AI Category
- Other AI Platforms
- Risk Domain
- N/A
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: ai