CyberSecurityBoard
Sponsor Register Login

CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack

The vulnerability affects versions of the Falcon Sensor for Linux and related components prior to version 7.06. The issue arises from incorrect processing of server certificates during TLS communication with the CrowdStrike cloud. CrowdStrike has disclosed a high-severity vulnerability in its Falcon Sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor. This vulnerability could allow attackers with control over network traffic to conduct man-in-the-middle (MiTM) attacks by exploiting improper server certificate validation. The vulnerability exclusively affects Linux-based systems running the Falcon Sensor or its Kubernetes and container-specific counterparts. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The vulnerability, identified as CVE-2025-1146, originates from a validation logic error in the Transport Layer Security (TLS) connection routine. The vulnerability is classified under CWE-296 (“Improper Following of a Certificate’s Chain of Trust”) and CAPEC-94 (“Adversary in the Middle”), highlighting its nature as a certificate validation weakness. CrowdStrike identified the vulnerability during internal testing, following identifying the flaw, CrowdStrike released a fix in versions 7.06 and later for all affected products. CrowdStrike emphasized that no evidence exists of this vulnerability being exploited in real-world attacks to date.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 13 Feb 2025 04:25:22 +0000


Cyber News related to CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack

Falcon Cloud Security Supports Google Cloud Run to Strengthen Serverless Application Security - We're thrilled to share that the CrowdStrike Falcon® sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes ...
8 months ago Crowdstrike.com
CVE-2025-1146 - CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes ...
1 month ago Tenable.com
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - The vulnerability affects versions of the Falcon Sensor for Linux and related components prior to version 7.06. The issue arises from incorrect processing of server certificates during TLS communication with the CrowdStrike cloud. CrowdStrike has ...
1 month ago Cybersecuritynews.com CVE-2025-1146
CrowdStrike Demonstrates Cloud Security Leadership at AWS re:Invent - CrowdStrike is honored to be named Partner of the Year for several 2023 Geo and Global AWS Partner Awards at Amazon Web Services re:Invent 2023, where we are participating this year as a Diamond Sponsor. These accomplishments demonstrate our ...
1 year ago Crowdstrike.com
Researchers Bypassed CrowdStrike Falcon Sensor to Execute Malicious Applications - Security researchers at SEC Consult have discovered a significant vulnerability in CrowdStrike’s Falcon Sensor that allowed attackers to bypass detection mechanisms and execute malicious applications. The researchers at SEC Consult found that ...
1 week ago Cybersecuritynews.com
CrowdStrike Enhances Cloud Asset Visualization to Accelerate Risk Prioritization - The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments - a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for stronger cloud security. As organizations increase ...
10 months ago Crowdstrike.com
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago
Generative AI Takes on SIEM - With more vendors adding support for generative AI to their platforms and products, life for security analysts seems to be getting deceptively easier. While adding generative AI capabilities to security information and event management is still in ...
1 year ago Darkreading.com
US Grounds SpaceX Falcon After Second-Stage Issue | Silicon UK - The US Federal Aviation Administration (FAA) has grounded SpaceX’s Falcon rockets for the third time in three months after a second-stage problem occurred following the successful launch of a Dragon Crew mission that brought two astronauts to ...
5 months ago Silicon.co.uk Rocke
Hello Authentication Vulnerabilities Discovered: Stay Safe - In the realm of cybersecurity, a recent study has brought to light a series of Hello Authentication vulnerabilities that could compromise the Windows Hello authentication on popular laptop models, including Dell Inspiron 15, Lenovo ThinkPad T14, and ...
1 year ago Securityboulevard.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
11 months ago Cisa.gov
Privilege elevation exploits used in over 50% of insider attacks - Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether for malicious purposes or by downloading risky tools in a dangerous manner. A report by ...
1 year ago Bleepingcomputer.com CVE-2017-0213
Adding OpenSSL Generated Certificates to Your Server: A Comprehensive Guide - Utilizing SSL/TLS certificates to encrypt data transferred between your server and clients is one of the fundamental components of server security. The process of adding OpenSSL-generated certificates to your server will be covered in detail in this ...
1 year ago Feeds.dzone.com
CVE-2022-49094 - In the Linux kernel, the following vulnerability has been resolved: ...
2 weeks ago
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
5 months ago Aws.amazon.com
PowerSchool previously hacked in August, months before data breach - Although the company has not officially disclosed the number of people impacted by this incident, BleepingComputer first reported that the threat actor claimed to have stolen the data of 72 million people, including students and teachers. In that ...
5 days ago Bleepingcomputer.com
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
2 years ago Trendmicro.com
7 Best Attack Surface Management Software for 2024 - Attack surface management is a relatively new cybersecurity technology that combines elements of vulnerability management and asset discovery with the automation capabilities of breach and attack simulation and applies them to an organization's ...
1 year ago Esecurityplanet.com
New NCCoE Guide Helps Major Industries Observe Incoming Data While Using Latest Internet Security Protocol - PRESS RELEASE. Companies in major industries such as finance and health care must follow best practices for monitoring incoming data for cyberattacks. The latest internet security protocol, known as TLS 1.3, provides state-of-the-art protection, but ...
1 year ago Darkreading.com
Apple To Drop Sensor From Some Watch Models - Redesign plan to remove blood-oxygen sensor on certain Apple Watch models is dependent on an appeal court decision. Apple is reportedly prepared to remove the blood-oxygen sensor from certain Apple Watch models, depending on a court decision. The ...
1 year ago Silicon.co.uk
CVE-2024-28836 - An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a ...
11 months ago Tenable.com
CVE-2020-8023 - A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of ...
4 years ago
Top 7 Cyber Threat Hunting Tools for 2024 - Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. With ...
1 year ago Techrepublic.com
5 Best Practices for Securing Azure Resources - Cloud computing has become the backbone for modern businesses due to its scalability, flexibility and cost-efficiency. As organizations choose cloud service providers to power their technological transformations, they must also properly secure their ...
11 months ago Crowdstrike.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)