Sign up to save your podcasts
Or
Share Chaining Three Bugs to Access All Your ServiceNow Data (Live Q&A)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Chaining Three Bugs to Access All Your ServiceNow Data (Live Q&A)
On May 14th, 2024, we disclosed a chain of vulnerabilities to ServiceNow, resulting in 3 new CVEs. This series of security issues affected all Vancouver and Washington ServiceNow instances (around 42,000 globally), allowing an attacker to execute code on the instance.
In this live Q&A, Assetnote security researcher Adam Kues explains his approach to how he found these vulnerabilities, highlighted in our recent research post. He is joined by hosts, Michael Gianarakis and Shubham Shah.
Congratulations to Adam on being credited with CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217!
To learn more about Assetnote, visit https://www.assetnote.io/.
View all episodes
By AssetnoteOn May 14th, 2024, we disclosed a chain of vulnerabilities to ServiceNow, resulting in 3 new CVEs. This series of security issues affected all Vancouver and Washington ServiceNow instances (around 42,000 globally), allowing an attacker to execute code on the instance.
In this live Q&A, Assetnote security researcher Adam Kues explains his approach to how he found these vulnerabilities, highlighted in our recent research post. He is joined by hosts, Michael Gianarakis and Shubham Shah.
Congratulations to Adam on being credited with CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217!
To learn more about Assetnote, visit https://www.assetnote.io/.