CVE-2022-2225

Published July 26th, 2022

View on NVD ↗

CVSS v3

8.1

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security policies (e.g. Secure Web Gateway policies) and features such as 'Lock WARP switch'.

cloudflare/advisories

This repo functions as the hub for "open sourced" closed source vulnerabilities/advisories as well as educational writeups composed in collaboration with third parties on discovered vulnerabilities.

GitHub