PT-2025-41295 · Crowdstrike · Crowdstrike Falcon Sensor For Windows

Cong Cheng

Publicado

2025-10-08

Atualizado

2025-11-15

CVE-2025-42706

CVSS v3.1

6.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Falcon sensor for Windows versions prior to 7.24

Description A logic error in the Falcon sensor for Windows could allow an attacker, with existing code execution capabilities on a host, to delete arbitrary files. There is no indication of exploitation in the wild. The Falcon sensor for Mac, the Falcon sensor for Linux and the Falcon sensor for Legacy Systems are not affected. The issue was discovered through a bug bounty program.

Recommendations Update Falcon sensor for Windows to version 7.24 or later.

Correção

Origin Validation Error

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-346

Identificadores relacionados

BDU:2026-04834

CVE-2025-42706

Produtos afetados

Crowdstrike Falcon Sensor For Windows

PT-2025-41295 · Crowdstrike · Crowdstrike Falcon Sensor For Windows

CVE-2025-42706

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 17