CVE-2020-35152 MEDIUM

CVE-2020-35152: Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows

Vendor Cloudflare
Product Cloudflare WARP for Windows
Weakness CWE-428
Published February 2, 2021
Last update September 16, 2024

CVSS base score

4.5/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01 Description

Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. The vulnerability was fixed in version 1.2.2695.1 by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows versions prior to 1.2.2695.1.
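A defensive audit for this weakness class (CWE-428), added here as an example and not taken from Cloudflare or the CVE record: it flags Windows services whose binary path is unquoted and contains a space in the executable portion. The function name `Test-UnquotedServicePath` and the sample paths are hypothetical and constructed for illustration.

```powershell
# Added example: find services whose binary path is unquoted and contains a space (CWE-428).
function Test-UnquotedServicePath {
    param([string]$PathName)

    if ([string]::IsNullOrWhiteSpace($PathName)) { return $false }
    $p = $PathName.Trim()

    # A path that starts with a double quote is already in the fixed form.
    if ($p.StartsWith('"')) { return $false }

    # Isolate the executable portion: everything up to the first ".exe" that is
    # followed by whitespace or end of string. Arguments after it are ignored.
    $m = [regex]::Match($p, '(?i)^(.*?\.exe)(?=\s|$)')
    # Conservative fallback: if no ".exe" is found, judge the whole string.
    $exe = if ($m.Success) { $m.Groups[1].Value } else { $p }

    return $exe.Contains(' ')
}

# Constructed sample paths (not real service entries) showing each outcome.
$samples = @(
    'C:\Program Files\Example Vendor\agent.exe',        # unquoted, space in path: flagged
    '"C:\Program Files\Example Vendor\agent.exe"',      # quoted: not flagged
    'C:\Windows\System32\svchost.exe -k netsvcs',       # space only in arguments: not flagged
    'C:\Program Files\Example Vendor\agent.exe --run'   # unquoted, space in path: flagged
)
foreach ($s in $samples) {
    '{0,-5} {1}' -f (Test-UnquotedServicePath $s), $s
}

# Audit the local machine: list every service that matches.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { Test-UnquotedServicePath $_.PathName } |
    Select-Object Name, StartName, StartMode, PathName |
    Format-Table -AutoSize -Wrap
```

A Cloudflare WARP service that appears in this output indicates a version prior to 1.2.2695.1, the release in which the binary path was quoted.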

Key dates

02 Disclosure timeline

February 2, 2021 CVE published
September 16, 2024 Record updated