Description

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)

INFO

Published Date :

2026-03-05T16:53:32.465Z

Last Modified :

2026-03-06T10:36:09.154Z

Source :

certcc
AFFECTED PRODUCTS

The following products are affected by CVE-2025-13476 vulnerability.

Vendors Products
Rakuten Viber
  • Rakuten Viber Cloak - Android
  • Rakuten Viber Cloak - Windows
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-13476.

URL Resource
https://www.kb.cert.org/vuls/id/772695 cve-icon
https://www.viber.com/en/download/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System