CVE-2023-1862

Name of the Vulnerable Software and Affected Versions Cloudflare WARP client for Windows versions up to 2023.3.381.0

Description The issue is related to insufficient access control policy on an IPC Named Pipe, allowing a malicious actor to remotely access the warp-svc.exe binary. This could enable an attacker to trigger WARP connect and disconnect commands, as well as obtain network diagnostics and application configuration from the target's device. Exploitation requires specific conditions, including the target's device being reachable on port 445 and allowing authentication with NULL sessions or having knowledge of the target's credentials.

Recommendations For Cloudflare WARP client for Windows versions up to 2023.3.381.0, update to a version later than 2023.3.381.0 to resolve the issue. As a temporary workaround, consider restricting access to the warp-svc.exe binary and limiting authentication to prevent NULL sessions or unauthorized access. Additionally, ensure that port 445 is not reachable from untrusted networks to minimize the risk of exploitation.