Lock WARP switch bypass by removing VPN profile on iOS mobile client
CVE-2022-3337

6.7 MEDIUM

Key Information:

Vendor

Cloudflare

Status
Vendor
CVE Published: 28 October 2022

What is CVE-2022-3337?

It was possible for a user to delete a VPN profile from the WARP mobile client on the iOS platform despite the Lock WARP switch feature (https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch) being enabled on the Zero Trust platform. This allowed the user to bypass the policies and restrictions that the Zero Trust platform enforces for enrolled devices.

Affected Version(s)

WARP iOS 0 < 6.15

CVSS V3.1

Score: 6.7
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Josh (joshmotionfans)