WARP Client Vulnerability: Bypassing Lock WARP Switch to Disable Zero Trust Policies

WARP Client Vulnerability: Bypassing Lock WARP Switch to Disable Zero Trust Policies

CVE-2022-3512 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint.

Learn more about our User Device Pen Test.