CVE-2025-12420

🗓️ 12 Jan 2026 21:29:37Reported by SNType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 26 Views

CVE-2025-12420: Unauthenticated privilege escalation in ServiceNow AI Platform resolved by security updates.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2025-12420	12 Jan 202621:59	–	circl
CNNVD	ServiceNow AI Platform 安全漏洞	12 Jan 202600:00	–	cnnvd
Cvelist	CVE-2025-12420 Unauthenticated Privilege Escalation in ServiceNow AI Platform	12 Jan 202621:29	–	cvelist
EUVD	EUVD-2025-206275	13 Jan 202600:30	–	euvd
NVD	CVE-2025-12420	12 Jan 202622:16	–	nvd
OSV	CVE-2025-12420	12 Jan 202622:16	–	osv
Positive Technologies	PT-2026-2305	12 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-12420	13 Jan 202622:52	–	redhatcve
The Hacker News	⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More	19 Jan 202613:17	–	thn
The Hacker News	ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation	13 Jan 202611:47	–	thn

NVD

Node

servicenow now_assist_ai_agentsRange<5.1.18

servicenow now_assist_ai_agentsRange5.2.0–5.2.19

servicenow virtual_agent_apiRange<3.15.2

servicenow virtual_agent_apiRange4.0.0–4.0.4

[
  {
    "defaultStatus": "unaffected",
    "product": "Now Assist AI Agents",
    "vendor": "ServiceNow",
    "versions": [
      {
        "lessThanOrEqual": "5.1.17",
        "status": "affected",
        "version": "5.0.26",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "5.2.18",
        "status": "affected",
        "version": "5.0.26",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Virtual Agent API",
    "vendor": "ServiceNow",
    "versions": [
      {
        "lessThan": "3.15.2",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "4.0.4",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
support	www.support.servicenow.com/kb

17 Jun 2026 08:32Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.19.8

CVSS 410

EPSS0.1737

SSVC

CWE-250