Why is this an issue?

It's bad practice to utilize Ui Policies to protect Read Only fields because a user could update them via List View; instead, such fields should be secured with ACLs to prevent future modifications and boost security.

Fields like Planned Start date and End Date are sensitive information and should not be changed. Consider the following scenario: a Planned Start date begins at xx/xx/xxxx and is changed to yy/xx/xxxx through List View. There is no longer a valid start date for that value and future reports will not be accurate.

Best practices

When securing an important field, create a ACL Access Control Rule. ACLs will block any changes to the field unless Elevated privilege is granted.

Check the official ServiceNow Documentation to learn more about ACL best practices.