Vulnerabilities > Cloudflare > Warp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-07 | CVE-2023-3747 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cloudflare Warp 6.29 Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. | 5.5 |
| 2023-08-29 | CVE-2023-0654 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cloudflare Warp Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. | 3.7 |
| 2023-08-29 | CVE-2023-0238 | Unspecified vulnerability in Cloudflare Warp Due to lack of a security policy, the WARP Mobile Client (<=6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app. | 5.5 |
| 2023-08-03 | CVE-2023-2754 | Cleartext Transmission of Sensitive Information vulnerability in Cloudflare Warp The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, since WARP acts as local DNS server that performs DNS queries in a secure manner, however, if a user is connected to WARP over an IPv6-capable network, te WARP client did not assign loopback IPv6 addresses but Unique Local Addresses, which under certain conditions could point towards unknown devices in the same local network which enables an Attacker to view DNS queries made by the device. | 6.8 |
| 2023-06-20 | CVE-2023-1862 | Unspecified vulnerability in Cloudflare Warp Cloudflare WARP client for Windows (up to v2023.3.381.0) allowed a malicious actor to remotely access the warp-svc.exe binary due to an insufficient access control policy on an IPC Named Pipe. | 7.3 |
| 2023-04-06 | CVE-2023-0652 | Link Following vulnerability in Cloudflare Warp Due to a hardlink created in the ProgramData folder during the repair process of the software, the installer (MSI) of WARP Client for Windows (<= 2022.12.582.0) allowed a malicious attacker to forge the destination of the hardlink and escalate privileges, overwriting SYSTEM protected files. As Cloudflare WARP client for Windows (up to version 2022.5.309.0) allowed creation of mount points from its ProgramData folder, during installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files. | 7.8 |
| 2023-04-05 | CVE-2023-1412 | Link Following vulnerability in Cloudflare Warp An unprivileged (non-admin) user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows (<= 2022.12.582.0) to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks (oplock) and symbolic links (which can both be created by an unprivileged user). After installing the Cloudflare WARP Client (admin privileges required), an MSI-Installer is placed under C:\Windows\Installer. | 7.8 |
| 2023-01-11 | CVE-2022-4428 | Improper Input Validation vulnerability in Cloudflare Warp support_uri parameter in the WARP client local settings file (mdm.xml) lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. | 8.0 |
| 2023-01-11 | CVE-2022-4457 | Unspecified vulnerability in Cloudflare Warp Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. | 5.5 |
| 2022-10-28 | CVE-2022-3320 | Missing Authorization vulnerability in Cloudflare Warp It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. | 9.8 |