CVE-2020-35152 - Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious

CVE-2020-35152

Summary

Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1.

References

https://github.com/cloudflare/advisories/security/advisories/GHSA-qc57-v5q8-f22h

Vulnerable Configurations

cpe:2.3:a:cloudflare:warp:-:*:*:*:*:windows:*:*
cpe:2.3:a:cloudflare:warp:-:*:*:*:*:windows:*:*

CVSS

Base:	4.6 (as of 05-02-2021 - 19:49)
Impact:
Exploitability:

CWE

CWE-428

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

Last major update

05-02-2021 - 19:49

Published

03-02-2021 - 00:15

Last modified

05-02-2021 - 19:49