ServiceNow Patches Critical Sandbox Escape Vulnerability – CVE-2024-8923 (CVSS 9.8)

by do son · October 30, 2024

ServiceNow, a leading cloud-based enterprise platform, has recently addressed two significant vulnerabilities, CVE-2024-8923 and CVE-2024-8924, which posed serious risks to organizations using its Now Platform. These vulnerabilities could enable unauthorized remote access, potentially exposing sensitive data and compromising platform integrity.

The first vulnerability, CVE-2024-8923, received a critical CVSS score of 9.8. This vulnerability, affecting ServiceNow’s Now Platform, specifically involved an input validation flaw that could allow unauthenticated users to execute arbitrary code remotely. According to ServiceNow, “this vulnerability could potentially enable an unauthenticated user to remotely execute code within the context of the Now Platform.”

The second vulnerability, CVE-2024-8924, rated at 7.5 on the CVSS scale, involves a blind SQL injection flaw. This vulnerability could enable an attacker to access unauthorized data within the Now Platform. By exploiting the blind SQL injection, an unauthenticated user could potentially retrieve sensitive information, risking exposure of confidential organizational data. ServiceNow emphasizes the importance of patching, stating that “if you have not done so already, we recommend applying security patches relevant to your instance as soon as possible”.

ServiceNow has released patches to address these vulnerabilities during its August and October 2024 Patching Programs. Users are strongly urged to apply the relevant security patches to their instances as soon as possible.

ServiceNow platforms have become increasingly attractive to threat actors, with attacks on government agencies, data centers, and major enterprises reported earlier this year. In July, attackers exploited older vulnerabilities (CVE-2024-4879, CVE-2024-5217, and CVE-2024-5178) to target ServiceNow instances, resulting in data breaches affecting high-profile organizations. These attacks highlight the ongoing risk that unpatched ServiceNow vulnerabilities pose to organizations across sectors.