Researchers have identified a vulnerability in CrowdStrike’s Falcon cloud-based endpoint protection system
The bug affects at least two versions of the Falcon agent, versions 6.31.14505.0 and 6.42.15610
The sensor can be configured with a uninstall protection
Exploiting this vulnerability allows an attacker with administrative privileges
Researchers at modzero, a Swiss research and services group, discovered the vulnerability and notified CrowdStrike in June.
CrowdStrike asked the researchers to report it through the company’s HackerOne bug bounty program
The researchers initially tested one specific version of Falcon, but later in the process were able to get access to a newer version.
CrowdStrike said in an email statement that the issue is with the Microsoft MSI implementation.
CrowdStrike runs an open and transparent bug bounty program with partners such as HackerOne.
FOR LATEST NEWS AND UPDATES RELATED TO CYBER SECURITY
SWIPE UP NOW