Описание
Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files.
Ссылки
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2022.5.309.0 (исключая)
cpe:2.3:a:cloudflare:warp:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 27%
0.00093
Низкий
5.8 Medium
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-20
CWE-59
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files.
EPSS
Процентиль: 27%
0.00093
Низкий
5.8 Medium
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-20
CWE-59