Strix
26.1K

CVE-2022-4428

HIGHCVSS 8/10EPSS 0.69%

Last modified

CVE-2022-4428 is a high-severity vulnerability rated 8/10 on the CVSS scale. support_uri parameter in the WARP client local settings file (mdm.xml) lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a crafted XML config file pointing to a malicious file or set a local path to the executable using Cloudflare Zero Trust Dashboard (for Zero Trust enrolled clients). . EPSS estimates a 0.69% chance of exploitation in the next 30 days.

Description

support_uri parameter in the WARP client local settings file (mdm.xml) lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a crafted XML config file pointing to a malicious file or set a local path to the executable using Cloudflare Zero Trust Dashboard (for Zero Trust enrolled clients).

Metrics

CVSS 3.1
8/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS Probability
0.69%

48.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CloudflareWarp<= 2022.10.106.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2022-4428?
support_uri parameter in the WARP client local settings file (mdm.xml) lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a crafted XML config file pointing to a malicious file or set a local path to the executable using Cloudflare Zero Trust Dashboard (for Zero Trust enrolled clients).
How severe is CVE-2022-4428?
CVE-2022-4428 has a CVSS score of 8/10 (HIGH severity). The EPSS model estimates a 0.69% probability of exploitation in the next 30 days.
How do I fix CVE-2022-4428?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-4428?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST