Описание
Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.
Ссылки
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2022.2.95.0 (включая) до 2022.3.186.0 (исключая)
cpe:2.3:a:cloudflare:warp:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 28%
0.001
Низкий
6.5 Medium
CVSS3
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-428
CWE-428
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.
EPSS
Процентиль: 28%
0.001
Низкий
6.5 Medium
CVSS3
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-428
CWE-428