CrowdStrike Falcon Sensor for Windows Logic Error Vulnerability Allowing Arbitrary File Deletion
Vulnerability
A logic error has been identified in the CrowdStrike Falcon Sensor for Windows, versions 7.28 and earlier, including all 7.16 builds for Windows 7/2008 R2. This vulnerability could enable an attacker, who already has the ability to execute code on a host, to delete arbitrary files. Exploitation of this vulnerability could disrupt the functionality or stability of the Falcon sensor or other software on the system, including the operating system.
Impact
Exploitation of this vulnerability could lead to the deletion of important files, potentially causing stability or functionality issues with the CrowdStrike Falcon Windows sensor or other software on the system, including the operating system.
Remediation
Users should upgrade to CrowdStrike Falcon Sensor for Windows version 7.28.20008 or later, 7.27.19909, 7.26.19813, 7.25.19707, or 7.24.19608. For Windows 7/2008 R2, version 7.16.18637 is available. The 7.24 hotfix will also update the Long-Term Visibility (LTV) Sensor for Windows IoT.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.