ServiceNow Patches Critical AI Platform Vulnerability (CVE-2025-12420)

ServiceNow has fixed a critical vulnerability (CVE-2025-12420, CVSS 9.3) affecting its artificial intelligence (AI) platform. Dubbed BodySnatcher by AppOmni, this flaw allowed an unauthenticated attacker to impersonate a legitimate user and execute arbitrary actions on their behalf. The patch has been deployed, but no specific disclosure or exploitation date is mentioned. The vulnerability specifically impacted the AI functionalities of the platform.