Data Inference Vulnerability in Now Platform by ServiceNow
CVE-2025-3648
Key Information:
- Vendor: ServiceNow
- Status: Vendor
- CVE Published: 8 July 2025
What is CVE-2025-3648?
CVE-2025-3648 is a data inference vulnerability in the Now Platform developed by ServiceNow, a cloud-based platform for IT service management, operations management, and business workflow automation. The vulnerability allows both unauthenticated and authenticated users to take advantage of specific access control list (ACL) configurations to infer sensitive instance data they are not authorized to read. Where ACLs are misconfigured, an attacker can use range query requests to infer record contents, resulting in unauthorized information disclosure. Such data leakage poses a substantial risk to organizations, as it can lead to significant privacy breaches and compliance violations.
To mitigate the risk, ServiceNow has introduced new access control frameworks in its updates, including Query ACLs, Security Data Filters, and Deny-Unless ACLs. These enhancements are designed to reinforce customer access controls and protect sensitive information within the platform.
Potential impact of CVE-2025-3648
- Unauthorized Data Access: The main impact of CVE-2025-3648 is the potential for unauthorized individuals to access sensitive data that should remain confidential. This could lead to exposure of personal information, proprietary business data, and other sensitive materials.
- Compliance Risks: Organizations are bound by various regulations concerning data protection and privacy, such as GDPR or HIPAA. Exploitation of this vulnerability could result in non-compliance, leading to monetary penalties and reputational damage.
- Loss of Trust: The ability to infer sensitive data through this vulnerability can severely undermine the trust of customers and stakeholders in an organization. Breaches stemming from this vulnerability can erode confidence, potentially resulting in decreased customer loyalty and adverse impacts on business relationships.
Affected Version(s)
Now Platform Aspen
News Articles
- ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs: ServiceNow's CVE-2025-3648 flaw exposes sensitive data across multiple tables, impacting all users with misconfigured ACLs. (1 month ago)
- ServiceNow issues CVE for high-severity ACL bug: Varonis says attackers could easily expose ServiceNow data tables by combining enumeration techniques with common query filters. (1 month ago)
Timeline
- Exploit known to exist
- First article discovered by SC Media
- Vulnerability published
- Vulnerability reserved