Dec 11, 2020 - 12:00 a.m.

CVE-2020-35152 Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows

2020-12-11 00:00:00
CWE-428
cloudflare
www.cve.org

CVSS3: 4.5 Medium
Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

AI Score: 8 High (Confidence: High)

EPSS: 0.0004 Low (Percentile: 12.6%)

Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. The vulnerability was fixed in version 1.2.2695.1 by adding quotes around the service’s binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1.

CNA Affected

[
  {
    "product": "Cloudflare WARP for Windows",
    "vendor": "Cloudflare",
    "versions": [
      {
        "lessThan": "1.2.2695.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]
