PT-2025-41295 · Crowdstrike · Crowdstrike Falcon Sensor For Windows
Cong Cheng · Published 2025-10-08 · Updated 2025-11-15 · CVE-2025-42706
CVSS v3.1: 6.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Falcon sensor for Windows versions prior to 7.24
Description
A logic error in the Falcon sensor for Windows could allow an attacker, with existing code execution capabilities on a host, to delete arbitrary files. There is no indication of exploitation in the wild. The Falcon sensor for Mac, the Falcon sensor for Linux and the Falcon sensor for Legacy Systems are not affected. The issue was discovered through a bug bounty program.
Recommendations
Update Falcon sensor for Windows to version 7.24 or later.
Fix
Origin Validation Error
Affected Products
Crowdstrike Falcon Sensor For Windows