Bypassing Cloudflare Zero Trust Secure Web Gateway Policies using warp-cli set-custom-endpoint command
Package
Cloudflare WARP Client
(Windows)
Affected versions
<2022.8.857.0
Patched versions
None
Cloudflare WARP Client
(Linux)
<2022.8.936
None
Cloudflare WARP Client
(MacOS)
<2022.8.861.0
None
Impact
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled endpoint.
Patches
Fixed versions (releases):
Windows: 2022.8.857.0
Linux: 2022.8.936
MacOS: 2022.8.861.0
References