Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Cloudflare WARP for Windows by Cloudflare
CVE-2020-35152 (GCVE-0-2020-35152)
Vulnerability from nvd – Published: 2021-02-02 23:35 – Updated: 2024-09-16 22:25
VLAI
EPSS
VEX
Title
Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows
Summary
Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1.
Severity
4.5 (Medium)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/cloudflare/advisories/security… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cloudflare | Cloudflare WARP for Windows |
Affected:
unspecified , < 1.2.2695.1
(custom)
|
Date Public
2020-12-11 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-qc57-v5q8-f22h"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cloudflare WARP for Windows",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.2.2695.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "James Tan"
}
],
"datePublic": "2020-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service\u0027s binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-02T23:35:31.000Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-qc57-v5q8-f22h"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2020-12-11T20:09:00.000Z",
"ID": "CVE-2020-35152",
"STATE": "PUBLIC",
"TITLE": "Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cloudflare WARP for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.2.2695.1"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "James Tan"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service\u0027s binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-qc57-v5q8-f22h"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2020-35152",
"datePublished": "2021-02-02T23:35:31.270Z",
"dateReserved": "2020-12-11T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:25:07.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35152 (GCVE-0-2020-35152)
Vulnerability from cvelistv5 – Published: 2021-02-02 23:35 – Updated: 2024-09-16 22:25
VLAI
EPSS
VEX
Title
Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows
Summary
Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1.
Severity
4.5 (Medium)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/cloudflare/advisories/security… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cloudflare | Cloudflare WARP for Windows |
Affected:
unspecified , < 1.2.2695.1
(custom)
|
Date Public
2020-12-11 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-qc57-v5q8-f22h"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cloudflare WARP for Windows",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.2.2695.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "James Tan"
}
],
"datePublic": "2020-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service\u0027s binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-02T23:35:31.000Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-qc57-v5q8-f22h"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2020-12-11T20:09:00.000Z",
"ID": "CVE-2020-35152",
"STATE": "PUBLIC",
"TITLE": "Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cloudflare WARP for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.2.2695.1"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "James Tan"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service\u0027s binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-qc57-v5q8-f22h"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2020-35152",
"datePublished": "2021-02-02T23:35:31.270Z",
"dateReserved": "2020-12-11T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:25:07.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}