Critical ServiceNow AI Platform Flaw Allows Unauthenticated Remote Code Execution
ServiceNow has fixed a critical vulnerability that could allow an unauthenticated remote attacker to execute code within the ServiceNow AI Platform. The sandbox escape flaw, tracked as CVE-2026-6875, affects hosted and self-hosted environments running vulnerable platform releases.
The vulnerability carries a CVSS 4.0 score of 9.5 out of 10. According to the ServiceNow security advisory KB3137947, an attacker could exploit the issue without signing in under certain circumstances.
Access content across the globe at the highest speed rate.
70% of our readers choose Private Internet Access
70% of our readers choose ExpressVPN
Browse the web from multiple devices with industry-standard security protocols.
Faster dedicated servers for specific actions (currently at summer discounts)
ServiceNow has already deployed a security update to hosted instances. The company has also released patches and fixed family versions for self-hosted customers and partners. Administrators who manage their own deployments should confirm their release and apply the appropriate update immediately.
What Is CVE-2026-6875?
CVE-2026-6875 is a sandbox escape and remote code execution vulnerability in the ServiceNow AI Platform. A sandbox normally limits what code or a process can access. A successful escape can allow code to operate outside those intended restrictions.
The official CVE-2026-6875 record states that an unauthenticated user could execute code within the ServiceNow platform in certain circumstances. ServiceNow has not described every prerequisite or the complete execution path in its public advisory.
| Vulnerability detail | Information |
|---|---|
| CVE identifier | CVE-2026-6875 |
| Affected product | ServiceNow AI Platform |
| Vulnerability type | Sandbox escape and remote code execution |
| Authentication required | No |
| User interaction required | No |
| Attack vector | Network |
| Attack complexity | High |
| CVSS version and score | CVSS 4.0, 9.5 Critical |
| Known exploitation | None reported by ServiceNow as of July 16, 2026 |
The U.S. National Vulnerability Database lists the issue under CWE-94, Improper Control of Generation of Code. The NVD entry for CVE-2026-6875 currently marks the record as awaiting further enrichment, meaning NIST has not yet added its own independent severity assessment.
Why the ServiceNow Vulnerability Is Critical
Organizations use ServiceNow to manage IT operations, employee workflows, customer services, security incidents, assets and internal business processes. These environments can contain operational records, user information, integration details and connections to other enterprise systems.
Remote code execution could give an attacker significant control within the affected platform. The precise actions available would depend on the vulnerable component, instance configuration, installed applications and privileges assigned to the exploited process.
Possible consequences could include:
- Access to sensitive records handled by the affected platform component
- Unauthorized changes to workflows or application data
- Disruption of IT and business processes
- Abuse of integrations connected to the ServiceNow instance
- Execution of follow-on actions within the compromised environment
- Loss of confidentiality, integrity and availability
The CVSS vector assigns high impact ratings across both vulnerable and subsequent systems. It also records no authentication or user interaction requirement. However, the high attack-complexity rating suggests that successful exploitation depends on conditions beyond sending a simple request.
Affected and Fixed ServiceNow Releases
The vulnerability affects ServiceNow AI Platform releases earlier than the fixed versions listed below. Customers should check the exact patch level rather than relying only on the family name.
| Release family | Fixed release or patch |
|---|---|
| Brazil | Brazil Early Access or Brazil General Availability |
| Australia | Australia Patch 2 |
| Zurich | Zurich Patch 7b or Zurich Patch 9 |
| Yokohama | Yokohama Patch 12 Hot Fix 1b or Yokohama Patch 13 |
The alternatives shown for Zurich and Yokohama reflect separate supported patch branches. Administrators should select the update that matches their current release path and confirm compatibility with installed applications, integrations and customizations.
The ServiceNow CVE-2026-6875 advisory recommends applying the appropriate update or upgrading to a patched release promptly. Self-hosted customers may need a Now Support account to access additional maintenance instructions linked from the advisory.
Hosted and Self-Hosted Customers Need Different Checks
ServiceNow says it pushed the security update to hosted instances. Hosted customers should still verify their instance status through their ServiceNow support contacts, change records or administrative maintenance information.
Self-hosted customers and partners must install the relevant security update themselves. These organizations should inventory every production, development, testing and disaster-recovery instance because non-production systems may contain copied data or trusted connections.
| Deployment type | Recommended action |
|---|---|
| ServiceNow-hosted instance | Confirm that ServiceNow applied the security update and document the installation status. |
| Self-hosted instance | Identify the release family, obtain the correct patch and complete an accelerated deployment. |
| Development or test instance | Patch the instance and check whether it contains production data, credentials or active integrations. |
| Partner-managed environment | Request written confirmation of the installed fixed version from the responsible provider. |
The official CVE record treats releases earlier than the specified fixed versions as affected. Organizations should avoid assuming that an older hot fix includes the correction unless ServiceNow explicitly confirms it.
How Organizations Should Respond
Security teams should make patch verification the first priority. They should then review relevant records for unusual behavior, especially if an instance remained on an affected version after the update became available.
- Inventory all hosted, self-hosted and partner-managed ServiceNow instances.
- Record the release family, patch level and hosting model for each instance.
- Upgrade every affected instance to an appropriate fixed release.
- Verify the update after installation and retain evidence for compliance reviews.
- Review privileged accounts, recently created users and unexpected role assignments.
- Check administrative activity, integrations, API requests and workflow changes for anomalies.
- Investigate unexpected scripts, application changes or configuration modifications.
- Confirm that logging reaches the organizationโs SIEM or security monitoring platform.
Teams should also review secrets stored in scripts, integrations and workflow configurations. If an investigation finds evidence of unauthorized code execution, responders should isolate affected integrations and rotate exposed credentials, tokens and keys.
ServiceNow said it was not aware of exploitation against customer instances when it published the advisory. The National Vulnerability Database record also showed no reported exploitation when last updated.
FAQ
CVE-2026-6875 is a critical sandbox escape and remote code execution vulnerability in the ServiceNow AI Platform. It could allow an unauthenticated user to execute code under certain circumstances.
ServiceNow assigned the vulnerability a CVSS 4.0 score of 9.5, which carries a Critical severity rating.
No. The official vulnerability record states that an attacker does not need authentication. User interaction is also not required, although the attack complexity is rated high.
Fixed versions include Brazil Early Access and General Availability, Australia Patch 2, Zurich Patch 7b or Patch 9, and Yokohama Patch 12 Hot Fix 1b or Patch 13.
ServiceNow reported no known exploitation against customer instances as of July 16, 2026. Organizations should still patch promptly because the vulnerability permits unauthenticated remote code execution under certain conditions.
ServiceNow says it deployed the security update to hosted instances. Customers should verify that their instances received the update. Self-hosted customers must install the appropriate patch or upgrade themselves.
Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more
User forum
0 messages