Total: 8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-4428 | 1 Cloudflare | 1 Warp | 2023-01-19 | N/A | 8.0 HIGH |
support_uri parameter in the WARP client local settings file (mdm.xml) lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a crafted XML config file pointing to a malicious file or set a local path to the executable using Cloudflare Zero Trust Dashboard (for Zero Trust enrolled clients). | |||||
CVE-2022-4457 | 1 Cloudflare | 1 Warp | 2023-01-18 | N/A | 5.5 MEDIUM |
Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack the legitimate app and steal potentially sensitive information when installed on the victim's device. | |||||
CVE-2022-3512 | 1 Cloudflare | 1 Warp | 2022-11-01 | N/A | 8.8 HIGH |
Using the warp-cli command "add-trusted-ssid", a user was able to disconnect the WARP client and bypass the "Lock WARP switch" feature, resulting in Zero Trust policies not being enforced on an affected endpoint. | |||||
CVE-2022-3320 | 1 Cloudflare | 1 Warp | 2022-10-31 | N/A | 9.8 CRITICAL |
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled endpoint. | |||||
CVE-2022-2225 | 1 Cloudflare | 1 Warp | 2022-08-01 | N/A | 7.8 HIGH |
By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security policies (e.g. Secure Web Gateway policies) and features such as 'Lock WARP switch'. | |||||
CVE-2022-2145 | 1 Cloudflare | 1 Warp | 2022-07-08 | 7.2 HIGH | 7.8 HIGH |
Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files. | |||||
CVE-2022-2147 | 1 Cloudflare | 1 Warp | 2022-07-01 | 4.6 MEDIUM | 7.8 HIGH |
Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0. | |||||
CVE-2020-35152 | 1 Cloudflare | 1 Warp | 2021-02-05 | 4.6 MEDIUM | 7.8 HIGH |
Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1. |