Privilege escalation in Google Cloud Dialogflow Cx
CVE-2025-12952
A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allow…
Vulnerability class: Privilege Escalation
EPSS: 0.003 (21.1th percentile) — read the EPSS interpretation.
Affected products
- Google Cloud Dialogflow Cx — versions 0