7 matches found
EUVD-2023-23666
Malicious code in bioql PyPI...
CVE-2023-1412
An unprivileged non-admin user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows = 2022.12.582.0 to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks oplock and symbolic links which can both be creat...
CVE-2022-2145
Cloudflare WARP client for Windows up to v. 2022.5.309.0 allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files...
Improper access control
Cloudflare WARP client for Windows up to v2023.3.381.0 allowed a malicious actor to remotely access the warp-svc.exe binary due to an insufficient access control policy on an IPC Named Pipe. This would have enabled an attacker to trigger WARP connect and disconnect commands, as well as obtaining...
CVE-2023-1412
An unprivileged non-admin user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows = 2022.12.582.0 to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks oplock and symbolic links which can both be creat...
CVE-2023-1412 Local Privilege Escalation Vulnerability in WARP's MSI Installer
An unprivileged non-admin user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows = 2022.12.582.0 to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks oplock and symbolic links which can both be creat...
PT-2023-16965 · Cloudflare · Cloudflare Warp Client
Name of the Vulnerable Software and Affected Versions: Cloudflare WARP Client for Windows versions = 2022.12.582.0 Description: An unprivileged user can exploit an Improper Access Control issue to perform privileged operations with SYSTEM context by using a combination of opportunistic locks and...