Skip to main content

Warp CVE-2023-0654

LOW
Improper Restriction of Rendered UI Layers or Frames (CWE-1021)
2023-08-29 cna@cloudflare.com
3.7
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.7 LOW
AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 29, 2023 - 16:15 nvd
LOW 3.7

DescriptionNVD

Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app.

AnalysisAI

Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-1021. Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app. Affected products include: Cloudflare Warp.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Warp

View all
CVE-2022-3320 CRITICAL
9.8 Oct 28

It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint'

CVE-2026-48732 HIGH
8.8 Jun 24

Command injection in Warp's legacy SSH background command path lets an attacker-controlled remote host inject shell synt

CVE-2026-48704 HIGH
8.8 Jun 24

Arbitrary code execution in the Warp agentic development environment (builds 0.2023.10.24.08.03.stable_00 through 0.2026

CVE-2026-48720 HIGH
8.8 Jun 24

Arbitrary local file write in Warp terminal (0.2025.03.05.08.02.stable_00 through builds before 0.2026.05.06.15.42.stabl

CVE-2022-3512 HIGH
8.8 Oct 28

Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" f

CVE-2026-48721 HIGH
8.6 Jun 24

Command-execution permission bypass in Warp's default unsandboxed CLI agent profile (versions 0.2025.10.08.08.12.stable_

CVE-2026-48719 HIGH
8.0 Jun 24

Command injection in Warp's prompt branch-selector chip lets a crafted Git branch name execute in the victim's shell whe

CVE-2026-48725 HIGH
8.1 Jun 24

Clipboard hijacking in the Warp agentic terminal (versions 0.2021.04.25.23.05.stable_00 through 0.2026.05.06.15.42.stabl

CVE-2026-48731 HIGH
7.8 Jun 24

Command injection in the Warp agentic development environment (Linux builds 0.2024.02.20.08.01.stable_01 through pre-0.2

CVE-2026-48703 HIGH
7.8 Jun 24

OS command injection in Warp's AI Agent code-search tooling allows attacker-controlled inputs to escape read-only search

CVE-2023-0652 HIGH
7.8 Apr 06

Due to a hardlink created in the ProgramData folder during the repair process of the software, the installer (MSI) of WA

CVE-2023-1412 HIGH
7.8 Apr 05

An unprivileged (non-admin) user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for

Share

CVE-2023-0654 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy