CrowdStrike Falcon Products Man-in-the-Middle Vulnerability via Improper TLS Certificate Validation

Vulnerability

A validation logic error has been identified in CrowdStrike Falcon Sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor. This error allows the TLS connection routine to improperly process server certificate validation, potentially enabling an attacker to conduct a man-in-the-middle (MiTM) attack. The vulnerability affects all versions prior to 7.21, excluding hotfix builds for supported sensor versions. Windows and Mac sensors are not affected.

Impact

Exploitation could lead to a man-in-the-middle attack, allowing an attacker to intercept and potentially alter communications between the Falcon sensor and the CrowdStrike cloud.

Remediation

Users should upgrade to Falcon Sensor for Linux, Falcon Kubernetes Admission Controller, or Falcon Container Sensor versions 7.21 and later. Hotfixes are also available for certain earlier versions. For detailed instructions, refer to the CrowdStrike support portal.
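An inventory triage against the 7.21 threshold above, as an added example that is not CrowdStrike's code or part of the original advisory. The (host, product, version) row layout, the product name strings, and the operator-supplied hotfix set are assumptions; the advisory does not list hotfix build numbers, so the one shown is a placeholder.

```python
# Added example: inventory rows and the hotfix build string are constructed placeholders.
FIXED = (7, 21)  # advisory: 7.21 and later carry the fix
AFFECTED_PRODUCTS = {
    "falcon sensor for linux",
    "falcon kubernetes admission controller",
    "falcon container sensor",
}

def parse_major_minor(version):
    """Return (major, minor) as ints so 7.9 sorts below 7.21 (string compare would not)."""
    parts = version.strip().split(".")
    if len(parts) < 2 or not (parts[0].isdigit() and parts[1].isdigit()):
        raise ValueError(f"unparseable version: {version!r}")
    return int(parts[0]), int(parts[1])

def triage(product, version, hotfix_builds=frozenset()):
    """Classify one inventory row against the advisory."""
    if product.strip().lower() not in AFFECTED_PRODUCTS:
        return "not-affected"      # e.g. Windows and Mac sensors
    try:
        major_minor = parse_major_minor(version)
    except ValueError:
        return "unknown-version"   # fail closed: needs manual review
    if major_minor >= FIXED:
        return "fixed"
    if version.strip() in hotfix_builds:
        return "hotfixed"          # build the operator confirmed as a hotfix
    return "vulnerable"

def needs_action(inventory, hotfix_builds=frozenset()):
    """Return (host, product, version, status) for rows that are vulnerable or unknown."""
    out = []
    for host, product, version in inventory:
        status = triage(product, version, hotfix_builds)
        if status in ("vulnerable", "unknown-version"):
            out.append((host, product, version, status))
    return out

# Constructed sample data, not real hosts or real CrowdStrike build numbers.
SAMPLE_HOTFIXES = frozenset({"7.20.0-HOTFIX-PLACEHOLDER"})
SAMPLE_INVENTORY = [
    ("web-01", "Falcon Sensor for Linux", "7.9.1"),
    ("web-02", "Falcon Sensor for Linux", "7.21.0"),
    ("k8s-01", "Falcon Kubernetes Admission Controller", "7.20.0-HOTFIX-PLACEHOLDER"),
    ("k8s-02", "Falcon Container Sensor", "unknown"),
    ("win-01", "Falcon Sensor for Windows", "7.10.0"),
]

if __name__ == "__main__":
    for row in needs_action(SAMPLE_INVENTORY, SAMPLE_HOTFIXES):
        print(*row, sep="\t")
```

Populate the hotfix set from the CrowdStrike support portal before relying on the "hotfixed" status.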

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 1.3
exploitability: 4.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.