Headline
CVE-2022-2147
Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.
Package
Cloudflare WARP Client (App Center)
Affected versions
>= 2022.2.95.0
Patched versions
2022.3.186.0
Description
Impact
Cloudflare WARP Client for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation.
Patches
The fix was released in version 2022.3.186.0
References
Cloudflare WARP Client for Windows releases
Cloudflare WARP Client documentation