Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
New ServiceNow flaw lets attackers enumerate restricted data
Malware and Vulnerabilities
July 09, 2025
bleepingcomputer
A critical vulnerability in ServiceNow, tracked as CVE-2025-3648 and dubbed Count(er) Strike, allows low-privileged users to enumerate restricted data from protected tables. The flaw stems from overly permissive Access Control List configurations.
Read More
ServiceNow ACL
Publisher
Previous
Canadian media giant Rogers named as victim of Chinese ...
Breaches and Incidents
Next
New Android TapTrap attack fools users with invisible U ...
Threat Intel & Info Sharing
/https://cyware-ent.s3.amazonaws.com/public_image/nextgov34cf41ac-1e7e-450d-92ef-2eff00855a27.jpg)
/https://cyware-ent.s3.amazonaws.com/public_image/bleepingcomputerae7e2f4a-5264-4a8c-83c0-ecddb96cddd0.jpg)
