CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2225 – Zero Trust Secure Web Gateway policies bypass using WARP client subcommands
https://notcve.org/view.php?id=CVE-2022-2225
By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security policies (e.g. Secure Web Gateway policies) and features such as 'Lock WARP switch'. Mediante el uso de los subcomandos de warp-cli (disable-ethernet, disable-wifi), era posible a un usuario no privilegiado de administrador omitir las políticas de seguridad configuradas de Zero Trust (por ejemplo, las políticas de Secure Web Gateway) y funciones como "Lock WARP switch". • https://github.com/cloudflare/advisories/security/advisories/GHSA-cg88-vx48-976c • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2145 – Cloudlfare WARP Arbitrary File Overwrite
https://notcve.org/view.php?id=CVE-2022-2145
Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files. El cliente WARP de Cloudflare para Windows (versiones hasta 2022.5.309.0) permitía la creación de puntos de montaje desde su carpeta ProgramData. Durante la instalación del cliente WARP, era posible escalar privilegios y sobrescribir archivos protegidos por el sistema • https://github.com/cloudflare/advisories/security/advisories/GHSA-6fpc-qxmr-6wrq • CWE-20: Improper Input Validation CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-35152 – Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows
https://notcve.org/view.php?id=CVE-2020-35152
Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1. Cloudflare WARP para Windows permite un escalada de privilegios debido a una ruta de servicio sin comillas. • https://github.com/cloudflare/advisories/security/advisories/GHSA-qc57-v5q8-f22h • CWE-428: Unquoted Search Path or Element •