ServiceNow reveals attackers exploited flaw to access customer data
- Source
- BleepingComputer
- Time
- 11:10 PM
- Weight
- 94/100
ServiceNow has disclosed a security incident involving an unauthenticated access flaw that allowed attackers to query data from customer instances. The company detected anomalous activity linked to a vulnerable API endpoint and issued a security update to its hosted customer instances on June 5, 2026.
While the specific nature of the accessed data has not been detailed, the vulnerability reportedly enabled unauthorized users to bypass authentication requirements to view internal database tables, which often contain sensitive enterprise information and support tickets. The issue appears to stem from a REST endpoint configuration that incorrectly allowed unauthenticated requests.