ServiceNow patches critical security flaw which could allow user impersonation


  • ServiceNow patches critical AI Platform flaw (CVE-2025-12420) enabling user impersonation
  • “BodySnatcher” scored 9.3/10 and affected multiple app versions
  • No exploitation seen yet; experts warn unpatched systems remain at risk post-fix

ServiceNow, one of the most popular cloud platforms for automating IT and business workflows, has said it recently patched a critical-severity vulnerability which allowed threat actors to impersonate other users and perform arbitrary actions in their stead.

The company revealed SaaS security outfit AppOmni notified it of a critical privilege escalation vulnerability within its AI Platform in October 2025. Following an investigation, the company started tracking the bug as CVE-2025-12420 and gave it a severity score of 9.3/10 (critical).

“This issue [...] could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform,” the advisory reads. “On October 30, 2025, ServiceNow addressed this vulnerability by deploying a ...


Copyright of this story solely belongs to techradar.com.