CVE-2022-2225

Description

By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security policies (e.g. Secure Web Gateway policies) and features such as 'Lock WARP switch'.

Related CPE's

a cloudflare warp *****linux **

a cloudflare warp *****macos **

a cloudflare warp *****windows **

References

https://github.com/cloudflare/advisories/security/advisories/GHSA-cg88-vx48-976c

PatchThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io