CVE-2025-13476

Summary

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)

Affected Software

VendorProductVersion RangeStatus
Rakuten ViberRakuten Viber Cloak - Android25.7.2.0g < 27.2.0.0gaffected
Rakuten ViberRakuten Viber Cloak - Windowsv25.6.0.0 < v27.3.0.0affected

Weaknesses

  • CWE-327 Use of a Broken or Risky Cryptographic Algorithm
  • CWE-693

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References