SNOW-12.2: Latent Memory Poisoning in Agent Memory
๐จ Critical ยท ServiceNow Memory Safety
Detects suspicious instruction-like patterns embedded in sn_aia_memory records. When an adversary injects role-assumption directives, system prompt overrides, or instruction fragments into a user's long-term memory profile, the payload persists across sessions โ silently altering the agent's reasoning every time it interfaces with that identity. This is the ServiceNow equivalent of a persistent prompt injection backdoor.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | SNOW-12.2 |
| Severity | Critical |
| Category | ServiceNow Memory Safety |
| Platforms | servicenow |
| Compliance | EU_AI_ACT_HIGH_RISK, NIST_AI_RMF |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to SNOW-12.2.