By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security policies (e.g. Secure Web Gateway policies) and features such as 'Lock WARP switch'.
References
Link | Resource |
---|---|
https://github.com/cloudflare/advisories/security/advisories/GHSA-cg88-vx48-976c | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cloudflare
Published: 2022-07-26T11:35:10
Updated: 2022-07-26T11:35:10
Reserved: 2022-06-27T00:00:00
Link: CVE-2022-2225
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-07-26T12:15:08.203
Modified: 2022-08-01T16:30:16.207
Link: CVE-2022-2225
JSON object: View
Redhat Information
No data.
CWE