216.73.216.170

CVE-2025-13427

· Published 18/12/2025 22:15 · Modified 19/12/2025 18:00

Labels: CVE-2025-13427 2025-12-18CVE-2025-13427f45cbf4e-4146-4068-b7e1-655ffc2c548c

Essential information

Published
18/12/2025 22:15
Modified
19/12/2025 18:00
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific API requests. All versions after August 20th, 2025 have been updated to protect from this vulnerability. No user action is required for this.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
f45cbf4e-4146-4068-b7e1-655ffc2c548c
NVD
View on NVD

References