ctipilot.ch
← Back to the live brief
NOTABLECVE-2026-6875NATOA2vulnerability

CVE-2026-6875 — ServiceNow AI Platform sandbox escape lets an unauthenticated request execute code on the platform (CVSS 9.5)

discovered 2026-07-13 20:34 UTCrun 2026-07-13T2009Z-intel2 sourcessingle-source

ServiceNow disclosed CVE-2026-6875, a "Sandbox Escape in ServiceNow AI Platform" rated CVSS 4.0 9.5, in security bulletin KB3137947 published 2026-07-13 (ServiceNow, 2026-07-13; ENISA EUVD, 2026-07-13). Per ServiceNow, the flaw "could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow platform" — an isolation failure in the AI Platform's code-execution environment. ServiceNow states it "addressed this vulnerability by deploying a security update to hosted instances," provided updates to self-hosted customers and partners, and is "not currently aware of exploitation against ServiceNow instances" (ServiceNow, 2026-07-13). Fixed releases are Zurich Patch 7b/9, Yokohama Patch 12 Hot Fix 1b/13, Australia Patch 2 and Brazil EA/GA. Because hosted instances were remediated server-side by the vendor, the live exposure is narrowed to self-hosted and partner-managed deployments that have not yet applied the update — a population that still includes public-sector and critical-infrastructure operators running ServiceNow ITSM, HR-service-delivery and case-management on-prem or through partners.

This vulnerability, tracked as CVE-2026-6875, could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow platform.

We are not currently aware of exploitation against ServiceNow instances.

ServiceNow

ATT&CK mapping

2 techniques mapped from the cited reporting · MITRE ATT&CK v19.1

Initial Access TA0001
T1190Exploit Public-Facing Application

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network. The weakness in the system can be a software bug, a temporary glitch, or a misconfiguration.

overlap matrix · ATT&CK page ↗

Privilege Escalation TA0004
T1611Escape to Host

Adversaries may break out of a container or virtualized environment to gain access to the underlying host. This can allow an adversary access to other containerized or virtualized resources from the host level or to the host itself. In principle, containerized / virtualized resources should provide a clear separation of application functionality and be isolated from the host environment.

overlap matrix · ATT&CK page ↗

PROVENANCE

AI-generated · no human review · this permalink is the shareable record for the finding · verify operationally critical claims against the linked primary source.