{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0651", "assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513", "state": "PUBLISHED", "assignerShortName": "cloudflare", "dateReserved": "2025-01-22T15:57:16.758Z", "datePublished": "2025-01-22T17:34:16.705Z", "dateUpdated": "2025-02-12T20:41:23.901Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "WARP", "vendor": "Cloudflare", "versions": [{"lessThan": "2024.12.492.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "https://hackerone.com/sim0nsecurity?type=user"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation.<br><br>User with a low system privileges&nbsp; can create a set of symlinks inside the&nbsp;<span style=\"background-color: rgb(245, 245, 245);\">C:\\ProgramData\\Cloudflare\\warp-diag-partials folder. After triggering the 'Reset all settings\" option the WARP service will delete the files that the symlink was pointing to. Given the WARP service operates with System privileges this might lead to deleting files owned by the System user.</span><br><p>This issue affects WARP: before 2024.12.492.0.</p>"}], "value": "Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation.\n\nUser with a low system privileges\u00a0 can create a set of symlinks inside the\u00a0C:\\ProgramData\\Cloudflare\\warp-diag-partials folder. After triggering the 'Reset all settings\" option the WARP service will delete the files that the symlink was pointing to. Given the WARP service operates with System privileges this might lead to deleting files owned by the System user.\nThis issue affects WARP: before 2024.12.492.0."}], "impacts": [{"capecId": "CAPEC-165", "descriptions": [{"lang": "en", "value": "CAPEC-165 File Manipulation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 6.1, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "GREEN", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/R:U/RE:L/U:Green", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513", "shortName": "cloudflare", "dateUpdated": "2025-01-22T17:35:44.533Z"}, "references": [{"url": "https://developers.cloudflare.com/warp-client/"}], "source": {"discovery": "UNKNOWN"}, "title": "File symlink abuse might lead to deleting files belonging to SYSTEM user", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0651", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-22T17:44:56.041413Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-12T20:41:23.901Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0651", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-22T17:44:56.041413Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-12T20:33:48.302Z"}}], "cna": {"title": "File symlink abuse might lead to deleting files belonging to SYSTEM user", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "https://hackerone.com/sim0nsecurity?type=user"}], "impacts": [{"capecId": "CAPEC-165", "descriptions": [{"lang": "en", "value": "CAPEC-165 File Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 6.1, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/R:U/RE:L/U:Green", "providerUrgency": "GREEN", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Cloudflare", "product": "WARP", "versions": [{"status": "affected", "version": "0", "lessThan": "2024.12.492.0", "versionType": "custom"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://developers.cloudflare.com/warp-client/"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation.\n\nUser with a low system privileges\u00a0 can create a set of symlinks inside the\u00a0C:\\ProgramData\\Cloudflare\\warp-diag-partials folder. After triggering the 'Reset all settings\" option the WARP service will delete the files that the symlink was pointing to. Given the WARP service operates with System privileges this might lead to deleting files owned by the System user.\nThis issue affects WARP: before 2024.12.492.0.", "supportingMedia": [{"type": "text/html", "value": "Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation.<br><br>User with a low system privileges&nbsp; can create a set of symlinks inside the&nbsp;<span style=\"background-color: rgb(245, 245, 245);\">C:\\ProgramData\\Cloudflare\\warp-diag-partials folder. After triggering the 'Reset all settings\" option the WARP service will delete the files that the symlink was pointing to. Given the WARP service operates with System privileges this might lead to deleting files owned by the System user.</span><br><p>This issue affects WARP: before 2024.12.492.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513", "shortName": "cloudflare", "dateUpdated": "2025-01-22T17:35:44.533Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0651", "state": "PUBLISHED", "dateUpdated": "2025-02-12T20:41:23.901Z", "dateReserved": "2025-01-22T15:57:16.758Z", "assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513", "datePublished": "2025-01-22T17:34:16.705Z", "assignerShortName": "cloudflare"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation.\n\nUser with a low system privileges\u00a0 can create a set of symlinks inside the\u00a0C:\\ProgramData\\Cloudflare\\warp-diag-partials folder. After triggering the 'Reset all settings\" option the WARP service will delete the files that the symlink was pointing to. Given the WARP service operates with System privileges this might lead to deleting files owned by the System user.\nThis issue affects WARP: before 2024.12.492.0."}], "id": "CVE-2025-0651", "lastModified": "2025-01-22T18:15:20.363", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "GREEN", "recovery": "USER", "safety": "NEGLIGIBLE", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "HIGH", "subsequentSystemIntegrity": "HIGH", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:X/R:U/V:X/RE:L/U:Green", "version": "4.0", "vulnerabilityResponseEffort": "LOW", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "LOW", "vulnerableSystemIntegrity": "HIGH"}, "source": "cna@cloudflare.com", "type": "Secondary"}]}, "published": "2025-01-22T18:15:20.363", "references": [{"source": "cna@cloudflare.com", "url": "https://developers.cloudflare.com/warp-client/"}], "sourceIdentifier": "cna@cloudflare.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "cna@cloudflare.com", "type": "Secondary"}]}

{}