CVE-2025-12952
📋 TL;DR
A privilege escalation vulnerability in Google Cloud's Dialogflow CX allowed agent developers with Webhook editor permission to gain unauthorized project-level access. This could lead to unauthorized management of project resources and unexpected costs. Only Dialogflow CX users with Webhook editor permissions were affected.
💻 Affected Systems
- Google Cloud Dialogflow CX
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers gain full project-level access, enabling them to create, modify, or delete resources across all services in the project, leading to complete resource depletion and significant financial costs.
Likely Case
Unauthorized access to project resources resulting in unexpected service usage, configuration changes, and moderate financial impact from resource consumption.
If Mitigated
Minimal impact due to Google's server-side fix and proper access control monitoring.
🎯 Exploit Status
Exploitation requires authenticated access with Webhook editor permissions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Server-side fix applied February 2025
Vendor Advisory: https://docs.cloud.google.com/dialogflow/docs/release-notes#June_12_2025
Restart Required: No
Instructions:
No customer action required. Google applied server-side fix automatically in February 2025.
🧯 If You Can't Patch
- Review and restrict Webhook editor permissions to trusted users only.
- Monitor Cloud Audit Logs for unusual project-level access attempts by Dialogflow agents.
🔍 How to Verify
Check if Vulnerable:
Check if your Dialogflow CX instance was active before February 2025 and had users with Webhook editor permissions.Check Version:
N/A - Cloud service automatically updatedVerify Fix Applied:
Verify that Google Cloud services are up-to-date and no unauthorized project access has occurred since February 2025.📡 Detection & Monitoring
Log Indicators:
- Unusual IAM permission changes from Dialogflow service accounts
- Unexpected resource creation/modification in Cloud Audit Logs
Network Indicators:
- Unusual API calls from Dialogflow agents to project management services
SIEM Query:
N/A