Privilege Escalation and File Overwrite Vulnerability in Cloudflare WARP Client for Windows

Privilege Escalation and File Overwrite Vulnerability in Cloudflare WARP Client for Windows

CVE-2022-2145 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files.

Learn more about our Web Application Penetration Testing UK.