Data Security, AI/ML, Vulnerability Management, Patch/Configuration Management

ServiceNow patches critical AI Platform vulnerability enabling user impersonation

Close up of ServiceNow logo at their headquarters in Silicon Valley; ServiceNow, Inc. is an American cloud computing company

ServiceNow has addressed a critical vulnerability within its AI Platform that could have allowed threat actors to impersonate users and execute arbitrary actions. The flaw, tracked as CVE-2025-12420 and dubbed "BodySnatcher" by its discoverers, received a CVSS severity score of 9.3 out of 10. While no exploitation has been observed yet, unpatched systems remain at risk, according to reporting by Tech Radar.

The vulnerability, discovered by AppOmni, could enable an unauthenticated user to impersonate another user and perform actions within their entitled scope. ServiceNow released security updates on October 30, 2025, for the majority of its hosted instances, and provided patches to partners and self-hosted customers. Affected applications include Now Assist AI Agents (versions 5.1.18 and 5.2.19 or later) and Virtual Agent API (versions 3.15.2 and 4.0.4 or later). Researchers described "BodySnatcher" as the most severe AI-driven vulnerability uncovered to date, potentially allowing attackers to gain control of an organization's AI tools.

The patching of this critical flaw highlights the ongoing challenges in securing AI-powered platforms. While ServiceNow has deployed fixes, the delay between vulnerability discovery and patching, coupled with the common practice of delayed patching by organizations, means that many systems could remain vulnerable.

Source: Tech Radar
