A recent vulnerability in ServiceNow, called Count(er) Strike, allows low-privileged users to access sensitive data through misconfigured ACLs. ServiceNow has implemented new security measures, but organizations should review their table permissions to prevent exploitation. #Count(er)Strike #ServiceNow #ACLvulnerability #DataLeak
Key points
- The Count(er) Strike flaw enables partial data access despite restrictive ACLs in ServiceNow.
- The vulnerability was discovered by Varonis Threat Labs and assigned CVE-2025-3648.
- ServiceNow addressed the issue by introducing "Deny Unless" ACLs and other security features.
- Attackers can use URL-based filters to enumerate data, including sensitive records.
- Organizations should review and modify their ACL configurations to mitigate risks.