- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi everyone,
I tried to install an application we had stored under My Company Applications in our personal instance (PDI) running the Zurich release, and I encountered the following error:
When checking this ACL record, I noticed that it references a security_attribute named "SAC_1818458457" with sys_id = bc91c2a5f334621048dff3d264780663.
This security_attribute was created by a user called "@@snc_write_audit@@" on 12/05/2025 (dd/mm/yyyy), which is not a user from my instance.
After searching for more information, I found KB2046494, which explains that such records might have been created as part of a temporary security patch to mitigate a vulnerability. From what I understood in that KB, the issue was already resolved around July.
What I’d like to understand is:
What exactly is the purpose of this security_attribute?
Why is it missing in new instances (it’s not present in my newly created PDI)?
Since it doesn’t exist in new instances, can I safely remove this security_attribute from my app’s ACLs without causing any issues?
If I shouldn’t remove it, how can I prevent this installation error from occurring?
Thanks in advance for any clarification!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
My pointers:
Purpose: The security_attribute was a temporary access control element added by ServiceNow to address a security vulnerability in May 2025.
-> Missing in New Instances: New Zurich PDIs do not contain these attributes, as they were deprecated and removed after permanent fixes.
-> Safe to Remove: Yes, you can safely remove the reference to the missing security_attribute from ACLs; it is no longer needed and only causes errors.
-> How to Prevent Error: Delete the security_attribute references from ACLs before exporting or installing the app on new instances.- The security_attribute was a temporary security control added by ServiceNow to mitigate a vulnerability in May 2025.
-> It is missing in new Zurich instances because it was removed after ServiceNow applied a permanent fix.
-> You can safely remove references to this security_attribute from your ACLs; it is not needed in updated environments.
-> To avoid installation errors, clear the security_attribute field from ACLs before installing or exporting your app.
💡 If my response helped, please mark it as correct ✔️ and close the thread 🔒 — this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
My pointers:
Purpose: The security_attribute was a temporary access control element added by ServiceNow to address a security vulnerability in May 2025.
-> Missing in New Instances: New Zurich PDIs do not contain these attributes, as they were deprecated and removed after permanent fixes.
-> Safe to Remove: Yes, you can safely remove the reference to the missing security_attribute from ACLs; it is no longer needed and only causes errors.
-> How to Prevent Error: Delete the security_attribute references from ACLs before exporting or installing the app on new instances.- The security_attribute was a temporary security control added by ServiceNow to mitigate a vulnerability in May 2025.
-> It is missing in new Zurich instances because it was removed after ServiceNow applied a permanent fix.
-> You can safely remove references to this security_attribute from your ACLs; it is not needed in updated environments.
-> To avoid installation errors, clear the security_attribute field from ACLs before installing or exporting your app.
💡 If my response helped, please mark it as correct ✔️ and close the thread 🔒 — this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hope you are doing good.
Did my reply answer your question?
💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Yes, it helped a lot, sorry for not accepting the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Refer below article w.r.t Common Vulnerabilities and Exposures for more details
https://www.cve.org/CVERecord?id=CVE-2025-3648
https://noderegister.service-now.com/kb?id=kb_article_view&sysparm_article=KB2139567
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2256712
If this helped to answer your query, please mark it helpful & accept the solution.
Thanks,
Bhuvan
