CVE-2022-2147

MEDIUM

Cloudflare Warp <2022.3.186.0 - Privilege Escalation

Title source: llm

Description

Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.

References (1)

[Release Notes, Third Party Advisory] https://github.com/cloudflare/advisories/security/advisories/GHSA-m6w8-3pf9-p68r

Scores

CVSS v3 6.5

EPSS 0.0010

EPSS Percentile 27.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-428

Status published

Products (1)

cloudflare/warp 2022.2.95.0 - 2022.3.186.0

Published Jun 23, 2022

Tracked Since Feb 18, 2026