Cloudflare WARP Client for Windows Privilege Escalation Vulnerability

Vulnerability

A local privilege escalation vulnerability has been identified in the WARP Client for Windows, in versions through 2022.5.309.0. The issue arises from a hardlink created in the ProgramData folder during the software's repair process. An attacker can manipulate the destination of this hardlink, which leads to the overwriting of SYSTEM-protected files. The WARP client also previously permitted the creation of mount points from the ProgramData folder, which further facilitated the privilege escalation.

Impact

Exploitation of this vulnerability allows local privilege escalation by overwriting SYSTEM-protected files, potentially leading to unauthorized modification of critical system components or configurations.

Remediation

Users are advised to upgrade to WARP Client for Windows version 2023.3.381.0 or later. After updating, delete any older WARP installers that may still be present on the system.
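
The following PowerShell script is an added example, not code from Cloudflare or from this advisory. It checks the installed client against the fixed version and reports leftover installers older than it. It assumes the product name contains "Cloudflare WARP", that installers are .msi packages, that version strings use the four-part scheme shown above, and that the folders in `$SearchRoots` are where installers were saved.

```powershell
# Added example (not vendor code). Audits a host against the fixed version in this advisory.
# Assumptions: product name contains "Cloudflare WARP", installers are .msi packages,
# versions use the advisory's four-part scheme, and $SearchRoots are likely download folders.
param(
    [string[]]$SearchRoots = @("$env:USERPROFILE\Downloads", "$env:TEMP")
)
$FixedVersion = [version]'2023.3.381.0'   # first fixed release per the advisory
$NamePattern  = '*Cloudflare WARP*'       # assumed DisplayName / ProductName

# Read one value from an MSI's Property table via the Windows Installer COM API.
function Get-MsiProperty([string]$Path, [string]$Name) {
    try {
        $wi   = New-Object -ComObject WindowsInstaller.Installer
        $db   = $wi.GetType().InvokeMember('OpenDatabase', 'InvokeMethod', $null, $wi, @($Path, 0))
        $view = $db.GetType().InvokeMember('OpenView', 'InvokeMethod', $null, $db,
                    @("SELECT Value FROM Property WHERE Property = '$Name'"))
        $null = $view.GetType().InvokeMember('Execute', 'InvokeMethod', $null, $view, $null)
        $rec  = $view.GetType().InvokeMember('Fetch', 'InvokeMethod', $null, $view, $null)
        if ($rec) { $rec.GetType().InvokeMember('StringData', 'GetProperty', $null, $rec, 1) }
    } catch { $null }   # unreadable or non-MSI file: treat as no value
}

# 1. Installed client: compare DisplayVersion from the Uninstall registry keys.
$keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $NamePattern } |
    ForEach-Object {
        $v = $_.DisplayVersion -as [version]
        if (-not $v)                  { $status = 'UNKNOWN VERSION' }
        elseif ($v -ge $FixedVersion) { $status = 'OK' }
        else                          { $status = 'VULNERABLE: upgrade' }
        [pscustomobject]@{ Item = $_.DisplayName; Version = $_.DisplayVersion; Status = $status }
    }

# 2. Leftover installers: report (do not delete) WARP MSIs older than the fixed release.
Get-ChildItem -Path $SearchRoots -Filter *.msi -Recurse -File -ErrorAction SilentlyContinue |
    ForEach-Object {
        $name = Get-MsiProperty $_.FullName 'ProductName'
        $ver  = (Get-MsiProperty $_.FullName 'ProductVersion') -as [version]
        if ($name -like $NamePattern -and $ver -and $ver -lt $FixedVersion) {
            [pscustomobject]@{ Item = $_.FullName; Version = "$ver"; Status = 'OLD INSTALLER: delete' }
        }
    }
```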

Added: Mar 11, 2026, 7:12 PM
Updated: Mar 11, 2026, 7:12 PM