Unquoted Service Path Vulnerability in Cloudflare Warp for Windows

Unquoted Service Path Vulnerability in Cloudflare Warp for Windows

CVE-2022-2147 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.

Learn more about our Web Application Penetration Testing UK.