ctipilot.ch

ServiceNow AI Platform sandbox escape — unauthenticated code execution within the platform (CVSS 9.5); hosted fixed server-side, self-hosted/partner patch listed family releases

cve · CVE-2026-6875 single-source

Coverage timeline
1
first 2026-07-13 → last 2026-07-13
Peak priority
notable
1 notable
Sources cited
2
2 hosts
Sections touched
1
trending-vulnerabilities
Co-occurring entities
0
no co-occurrence
ATT&CK techniques
2
pinned v19.1 · see below

Hunting pivots

ATT&CK techniques
Affected products
ServiceNow AI Platform

ATT&CK techniques

2 techniques observed across 1 entry — derived from entry metadata and body evidence, never asserted without a published entry behind it · pinned to MITRE ATT&CK v19.1 · compare on the matrix · Navigator layer (JSON)

Initial Access TA0001

T1190Exploit Public-Facing Application×1

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network. The weakness in the system can be a software bug, a temporary glitch, or a misconfiguration.

Evidence: 2026-07-13/servicenow-ai-platform-sandbox-escape-cve-2026-6875 · ATT&CK page ↗

Privilege Escalation TA0004

T1611Escape to Host×1

Adversaries may break out of a container or virtualized environment to gain access to the underlying host. This can allow an adversary access to other containerized or virtualized resources from the host level or to the host itself. In principle, containerized / virtualized resources should provide a clear separation of application functionality and be isolated from the host environment.

Evidence: 2026-07-13/servicenow-ai-platform-sandbox-escape-cve-2026-6875 · ATT&CK page ↗

Story timeline

  1. 2026-07-13CVE-2026-6875 — ServiceNow AI Platform sandbox escape lets an unauthenticated request execute code on the platform (CVSS 9.5)
    trending-vulnerabilitiesServiceNow patches an unauthenticated code-execution sandbox escape in its AI Platform; self-hosted and partner-managed instances are the residual exposure

Where this entity is cited

  • trending-vulnerabilities1

Source distribution

  • euvd.enisa.europa.eu1 (50%)
  • support.servicenow.com1 (50%)

explore in graph

Entries about ServiceNow AI Platform sandbox escape — unauthenticated code execution within the platform (CVSS 9.5); hosted fixed server-side, self-hosted/partner patch listed family releases (1)

2026-07-13 · view entry permalink →

NOTABLECVE-2026-6875NATOA2

CVE-2026-6875 — ServiceNow AI Platform sandbox escape lets an unauthenticated request execute code on the platform (CVSS 9.5)

ServiceNow disclosed CVE-2026-6875, a "Sandbox Escape in ServiceNow AI Platform" rated CVSS 4.0 9.5, in security bulletin KB3137947 published 2026-07-13 (ServiceNow, 2026-07-13; ENISA EUVD, 2026-07-13). Per ServiceNow, the flaw "could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow platform" — an isolation failure in the AI Platform's code-execution environment. ServiceNow states it "addressed this vulnerability by deploying a security update to hosted instances," provided updates to self-hosted customers and partners, and is "not currently aware of exploitation against ServiceNow instances" (ServiceNow, 2026-07-13). Fixed releases are Zurich Patch 7b/9, Yokohama Patch 12 Hot Fix 1b/13, Australia Patch 2 and Brazil EA/GA. Because hosted instances were remediated server-side by the vendor, the live exposure is narrowed to self-hosted and partner-managed deployments that have not yet applied the update — a population that still includes public-sector and critical-infrastructure operators running ServiceNow ITSM, HR-service-delivery and case-management on-prem or through partners.

This vulnerability, tracked as CVE-2026-6875, could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow platform.

We are not currently aware of exploitation against ServiceNow instances.

ServiceNow
vulnerability13 Jul 20:34Zsingle-sourceOpen finding ↗