CVE-2026-0542
Remote Code Execution in ServiceNow AI Platform Sandbox
Publication date: 2026-02-25
Last updated on: 2026-02-25
Assigner: ServiceNow
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| servicenow | ai_platform | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-653 | The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a remote code execution issue found in the ServiceNow AI platform. It allows an unauthenticated user, under certain conditions, to execute code within the ServiceNow Sandbox environment.
How can this vulnerability impact me?
The vulnerability could allow an attacker to run arbitrary code remotely without authentication, potentially compromising the integrity and security of the ServiceNow environment. This could lead to unauthorized actions or data manipulation within the ServiceNow Sandbox.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, customers should promptly apply the appropriate security updates or upgrade their ServiceNow instances if they have not already done so.
ServiceNow has deployed security updates to hosted instances, and relevant security updates have also been provided to self-hosted customers and partners.
Applying the listed patches and hot fixes is recommended to address this remote code execution vulnerability in the ServiceNow AI platform.