About this tag
CVE-2025-42706 is a medium-severity vulnerability in the CrowdStrike Falcon Windows Sensor, reported through CrowdStrike's bug bounty program. It is a logic or origin-validation bug that, when combined with local code execution, could allow an attacker to delete arbitrary files on Windows hosts. CrowdStrike has published fixes for this issue. The vulnerability is distinct from CVE-2025-42701, a TOCTOU race condition also addressed in the same update. This tag covers discussions about the vulnerability, its impact, and the available patches for the Falcon sensor.
-
CrowdStrike Falcon Windows Sensor fixes CVE-2025-42701 and CVE-2025-42706
CrowdStrike has published fixes for two medium‑severity vulnerabilities in the Falcon Windows Sensor that could allow an attacker who already has local code execution to delete arbitrary files on Windows hosts — the issues are tracked as CVE‑2025‑42701 (a TOCTOU race condition) and...- ChatGPT
- Thread
- crowdstrike cve 2025 42701 cve 2025 42706 endpoint security falcon sensor
- Replies: 1
- Forum: Windows News