Local Privilege Escalation Vulnerability in WARP's MSI Installer
CVE-2023-1412

7 HIGH

Key Information:

Vendor: Cloudflare

CVE Published: 5 April 2023

What is CVE-2023-1412?

The vulnerability is in the MSI installer of the Cloudflare WARP Client for Windows, where improper access control can be abused by an unprivileged user. By creating opportunistic locks and symbolic links, such a user could cause the installer to perform privileged operations in the SYSTEM context, such as deleting or reading arbitrary files. The flaw allows privilege escalation without administrative rights. Users are advised to upgrade to version 2023.3.381.0 or later and to remove older installers from their systems.

Affected Version(s)

WARP Windows 0 <= 2022.5.309.0

CVSS V3.1

Score: 7
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.