CVE-2023-0654 (GCVE-0-2023-0654)
Vulnerability from cvelistv5 – Published: 2023-08-29 15:05 – Updated: 2024-09-30 17:46
VLAI
EPSS
VEX
Title
Spoofing User's Activity Loads in WARP Mobile Client (Android)
Summary
Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cloudflare | WARP Client |
Affected:
0 , < 6.29
(patch)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:17:50.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7"
},
{
"tags": [
"x_transferred"
],
"url": "https://developers.cloudflare.com/warp-client/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0654",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T17:35:06.811748Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T17:46:56.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "WARP Client",
"vendor": "Cloudflare",
"versions": [
{
"changes": [
{
"at": "6.29",
"status": "unaffected"
}
],
"lessThan": "6.29",
"status": "affected",
"version": "0",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDue to a misconfiguration, the WARP Mobile Client (\u0026lt; 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\u003c/p\u003e"
}
],
"value": "Due to a misconfiguration, the WARP Mobile Client (\u003c 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-506",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-506 Tapjacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1021",
"description": "CWE-1021 Improper Restriction of Rendered UI Layers or Frames",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-29T15:05:19.623Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7"
},
{
"url": "https://developers.cloudflare.com/warp-client/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Spoofing User\u0027s Activity Loads in WARP Mobile Client (Android)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2023-0654",
"datePublished": "2023-08-29T15:05:19.623Z",
"dateReserved": "2023-02-02T17:45:39.047Z",
"dateUpdated": "2024-09-30T17:46:56.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-0654",
"date": "2026-07-12",
"epss": "0.00197",
"percentile": "0.09595"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cloudflare:warp:*:*:*:*:*:android:*:*\", \"versionEndExcluding\": \"6.29\", \"matchCriteriaId\": \"B2EF7B54-01B4-4588-83EF-FD8261AB795E\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Due to a misconfiguration, the WARP Mobile Client (\u003c 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\\n\\n\"}]",
"id": "CVE-2023-0654",
"lastModified": "2024-11-21T07:37:33.873",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"cna@cloudflare.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\", \"baseScore\": 3.9, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 2.5}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N\", \"baseScore\": 3.7, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 2.5}]}",
"published": "2023-08-29T16:15:08.747",
"references": "[{\"url\": \"https://developers.cloudflare.com/warp-client/\", \"source\": \"cna@cloudflare.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7\", \"source\": \"cna@cloudflare.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://developers.cloudflare.com/warp-client/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cna@cloudflare.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1021\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1021\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-0654\",\"sourceIdentifier\":\"cna@cloudflare.com\",\"published\":\"2023-08-29T16:15:08.747\",\"lastModified\":\"2026-06-17T05:26:01.160\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Due to a misconfiguration, the WARP Mobile Client (\u003c 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\\n\\n\"},{\"lang\":\"es\",\"value\":\"Debido a una mala configuraci\u00f3n, el Cliente M\u00f3vil WARP (\u0026lt; 6.29) para Android era susceptible a un ataque de tapjacking. En el caso de que un atacante creara una aplicaci\u00f3n maliciosa y lograra instalarla en el dispositivo de una v\u00edctima, el atacante podr\u00eda enga\u00f1ar al usuario para que creyera que la aplicaci\u00f3n mostrada en pantalla era el cliente WARP cuando en realidad era la aplicaci\u00f3n del atacante.\"}],\"affected\":[{\"source\":\"cna@cloudflare.com\",\"affectedData\":[{\"vendor\":\"Cloudflare\",\"product\":\"WARP Client\",\"defaultStatus\":\"unaffected\",\"platforms\":[\"Android\"],\"versions\":[{\"version\":\"0\",\"lessThan\":\"6.29\",\"versionType\":\"patch\",\"status\":\"affected\",\"changes\":[{\"at\":\"6.29\",\"status\":\"unaffected\"}]}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cna@cloudflare.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":3.9,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.3,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":2.5}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-09-30T17:35:06.811748Z\",\"id\":\"CVE-2023-0654\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"cna@cloudflare.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1021\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1021\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cloudflare:warp:*:*:*:*:*:android:*:*\",\"versionEndExcluding\":\"6.29\",\"matchCriteriaId\":\"B2EF7B54-01B4-4588-83EF-FD8261AB795E\"}]}]}],\"references\":[{\"url\":\"https://developers.cloudflare.com/warp-client/\",\"source\":\"cna@cloudflare.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7\",\"source\":\"cna@cloudflare.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://developers.cloudflare.com/warp-client/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"redhat_vex": {
"current_release_date": "2025-05-29T00:55:42+00:00",
"cve": "CVE-2023-0654",
"id": "CVE-2023-0654",
"initial_release_date": "2023-01-01T00:00:00+00:00",
"product_status:known_not_affected": "1",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "Spoofing User\u0027s Activity Loads in WARP Mobile Client (Android)",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0654.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://developers.cloudflare.com/warp-client/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T05:17:50.408Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-0654\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-30T17:35:06.811748Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-30T17:46:49.403Z\"}}], \"cna\": {\"title\": \"Spoofing User\u0027s Activity Loads in WARP Mobile Client (Android)\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-506\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-506 Tapjacking\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.9, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Cloudflare\", \"product\": \"WARP Client\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"6.29\", \"status\": \"unaffected\"}], \"version\": \"0\", \"lessThan\": \"6.29\", \"versionType\": \"patch\"}], \"platforms\": [\"Android\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7\"}, {\"url\": \"https://developers.cloudflare.com/warp-client/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Due to a misconfiguration, the WARP Mobile Client (\u003c 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eDue to a misconfiguration, the WARP Mobile Client (\u0026lt; 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1021\", \"description\": \"CWE-1021 Improper Restriction of Rendered UI Layers or Frames\"}]}], \"providerMetadata\": {\"orgId\": \"a22f1246-ba21-4bb4-a601-ad51614c1513\", \"shortName\": \"cloudflare\", \"dateUpdated\": \"2023-08-29T15:05:19.623Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-0654\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-30T17:46:56.466Z\", \"dateReserved\": \"2023-02-02T17:45:39.047Z\", \"assignerOrgId\": \"a22f1246-ba21-4bb4-a601-ad51614c1513\", \"datePublished\": \"2023-08-29T15:05:19.623Z\", \"assignerShortName\": \"cloudflare\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…