Cloudflare cloudflared Windows 32-bit Installer Privilege Escalation Vulnerability

Vulnerability

A local privilege escalation vulnerability has been identified in the cloudflared installer for Windows 32-bit devices, affecting versions through 2023.3.0. The MSI installer depended on a world-writable directory, which lets a local attacker without administrative rights abuse symbolic links. By creating a symlink from the writable directory to a target file, the attacker can manipulate the installer's repair function to delete or replace files in restricted locations, potentially compromising the device. The vulnerability does not affect the cloudflared client itself, only the installer for 32-bit Windows.

Impact

Exploitation could lead to unauthorized deletion or modification of system files, allowing for the introduction of malicious files and potentially compromising the device.

Remediation

Users are advised to update to cloudflared version 2023.3.1 or later and to remove any old installers from their systems.
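
One way to check a host against the remediation above, as an added PowerShell example that is not part of the advisory or of Cloudflare's own tooling. The "cloudflared" name filters and the default search folders are assumptions; adjust them for your environment.

```powershell
# Added example: audit a Windows host for cloudflared installs older than the
# fixed release (2023.3.1) and for leftover cloudflared MSI files.
# Assumptions (not from the advisory): the product registers an uninstall entry
# whose DisplayName contains "cloudflared", and leftover installers keep
# "cloudflared" in their file name.

$FixedVersion = [version]'2023.3.1'

function Test-CloudflaredVersionFixed {
    param([string]$VersionText)
    # cloudflared versions look like 2023.3.0; extract the first dotted triple.
    if ($VersionText -match '(\d{4}\.\d+\.\d+)') {
        return ([version]$Matches[1]) -ge $FixedVersion
    }
    return $false   # unparseable or missing version: not confirmed fixed
}

function Get-CloudflaredInstall {
    # Standard uninstall keys: native view and the 32-bit (WOW6432Node) view.
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*cloudflared*' } |
        ForEach-Object {
            [pscustomobject]@{
                Name    = $_.DisplayName
                Version = $_.DisplayVersion
                Fixed   = Test-CloudflaredVersionFixed $_.DisplayVersion
            }
        }
}

function Find-CloudflaredInstaller {
    # Default search roots are constructed examples, not paths from the advisory.
    param([string[]]$SearchRoot = @("$env:USERPROFILE\Downloads", $env:TEMP))
    Get-ChildItem -Path $SearchRoot -Filter '*.msi' -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -like '*cloudflared*' } |
        Select-Object FullName, LastWriteTime, Length
}

Get-CloudflaredInstall | Format-Table -AutoSize
Find-CloudflaredInstaller | Format-Table -AutoSize
```

Any row with Fixed = False is an install to update, and any file listed by the second command is a candidate old installer to review and remove.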

Added: Mar 11, 2026, 7:13 PM
Updated: Mar 11, 2026, 7:13 PM

Vulnerability Rating

Custom Algorithm
spread: 4.5
impact: 2.5
exploitability: 3.1
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.