cvedb.io
CVE-2022-3321
MEDIUM · CVSS 6.7
EPSS exploitation probability: 0%
Published 2022-10-28T10:15:16.683 · Last modified 2026-06-17T04:59:18.100

Summary

It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch  on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in the application settings. Such configuration caused the WARP client to disconnect and allowed the user to bypass restrictions and policies enforced by the Zero Trust platform.

Affected products

cloudflare — warp_mobile_client

Does this affect you?

Add your gear to cvedb and we'll alert you only when cloudflare ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.