GOOGLE has fixed a critical vulnerability in its Dialogflow CX AI platform, reported by Varonis, that allowed attackers to exfiltrate data from AI agents and chatbots. This flaw, dubbed "Rogue Agent," involved a permission boundary issue that permitted malicious code injection into Dialogflow's execution pipeline, enabling attackers to conduct phishing campaigns. The vulnerability was patched after being reported in late 2025, with no known compromises. Varonis highlights the importance of reviewing AI infrastructure security, as vulnerabilities can stem from misconfigurations in cloud services.
Google patches Dialogflow CX flaw that let attackers hijack AI agents
CyberSIXT Evidence Panel
Primary Source
varonis.com
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Google patches Dialogflow CX flaw that let attackers hijack AI agents
www.darkreading.com
-
Google Dialogflow CX flaw could let attackers hijack chatbots
cybersixt.com