01642 06 11 11 Arrange Call

WARP Client Vulnerability: Bypassing Lock WARP Switch to Disable Zero Trust Policies

CVE-2022-3512 · MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L

CVE-2022-3512

Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint.

Learn more about our User Device Pen Test.