Primary

Context

Cloudflare WARP for Windows Privilege Escalation Vulnerability via Unquoted Service Path

Vulnerability

Patched

A vulnerability in Cloudflare WARP for Windows, starting from version 2022.2.95.0, allows arbitrary code execution that could lead to privilege escalation. This issue arises from an unquoted service path in the application. The vulnerability has been addressed in version 2022.3.186.0.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation by allowing arbitrary code execution with elevated rights.

Remediation

Users can upgrade to Cloudflare WARP for Windows version 2022.3.186.0 to address this vulnerability.

Added: Mar 11, 2026, 6:51 PM

Updated: Mar 11, 2026, 6:51 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

2.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

2.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Cloudflare WARP for Windows Privilege Escalation Vulnerability via Unquoted Service Path

Vulnerability

Impact

Remediation

Affected Products

Cloudflare WARP Client

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating