EUVD-2022-51801

Malicious code in bioql PyPI...

EUVD-2022-42881

Malicious code in bioql PyPI...

EUVD-2022-42712

Malicious code in bioql PyPI...

EUVD-2022-51773

Malicious code in bioql PyPI...

EUVD-2023-12686

Malicious code in bioql PyPI...

EUVD-2023-23666

Malicious code in bioql PyPI...

CVE-2023-0652

Due to a hardlink created in the ProgramData folder during the repair process of the software, the installer MSI of WARP Client for Windows = 2022.12.582.0 allowed a malicious attacker to forge the destination of the hardlink and escalate privileges, overwriting SYSTEM protected files. As...

CVE-2023-1412

An unprivileged non-admin user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows = 2022.12.582.0 to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks oplock and symbolic links which can both be creat...

CVE-2022-3512

Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...

CVE-2022-3320

It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled...

CVE-2022-4457

Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack legitimate app and steal potentially sensitive information when installed on the victim's...

CVE-2022-2145

Cloudflare WARP client for Windows up to v. 2022.5.309.0 allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files...

CVE-2022-4428

supporturi parameter in the WARP client local settings file mdm.xml lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a...

CVE-2023-3747 Insufficient Validation on Override Codes for Always-Enabled WARP Mode

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

CVE-2023-2754

The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, since WARP acts as local DNS server that performs DNS queries in a secure manner, however, if a user is connected to WARP over an IPv6-capable network, te WARP client did not assign loopback IPv6 addresses...

Design/Logic Flaw

The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, since WARP acts as local DNS server that performs DNS queries in a secure manner, however, if a user is connected to WARP over an IPv6-capable network, te WARP client did not assign loopback IPv6 addresses...

CVE-2023-2754 Plaintext transmission of DNS requests in Windows 1.1.1.1 WARP client

The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, since WARP acts as local DNS server that performs DNS queries in a secure manner, however, if a user is connected to WARP over an IPv6-capable network, te WARP client did not assign loopback IPv6 addresses...

CVE-2023-2754

The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, since WARP acts as local DNS server that performs DNS queries in a secure manner, however, if a user is connected to WARP over an IPv6-capable network, te WARP client did not assign loopback IPv6 addresses...

Improper access control

Cloudflare WARP client for Windows up to v2023.3.381.0 allowed a malicious actor to remotely access the warp-svc.exe binary due to an insufficient access control policy on an IPC Named Pipe. This would have enabled an attacker to trigger WARP connect and disconnect commands, as well as obtaining...

CVE-2023-1862

CVE-2023-1862 affects the Cloudflare WARP client for Windows (up to v2023.3.381.0). The weakness is an insufficient access control policy on an IPC Named Pipe used by warp-svc.exe, which could let a remote attacker trigger WARP connect/disconnect commands and read network diagnostics and applicat...