CVE-2022-2841

Name of the Vulnerable Software and Affected Versions CrowdStrike Falcon versions 6.31.14505.0 through 6.44.15806

Description A vulnerability was found in the Uninstallation Handler component of CrowdStrike Falcon, related to incorrect implementation of the uninstall protection function. This leads to missing authorization, allowing an attacker to remove the software without a valid token. The manipulation can be launched remotely.

Recommendations For versions 6.31.14505.0, 6.42.15610, and 6.44.15806, upgrade to version 6.40.15409, 6.42.15611, or 6.44.15807 to address this issue. As a temporary workaround, consider disabling the Uninstallation Handler component until a patch is available. Restrict access to the Uninstallation Protection function to minimize the risk of exploitation.