A recently disclosed ServiceNow flaw has come under scrutiny after the company confirmed that unknown threat actors exploited the vulnerability to gain unauthorized access to a number of customer instances. The issue, which first gained public attention through discussions on Reddit, prompted an emergency security update after evidence emerged that attackers had successfully queried customer data.

According to ServiceNow, the security issue affected certain customer environments and allowed an unauthenticated user, under specific circumstances, to obtain a higher level of access than intended. While the company has taken steps to address the problem, questions have surfaced regarding the ti...