Race Condition in Falcon Sensor for Windows by CrowdStrike
CVE-2025-42701

5.6MEDIUM

Key Information:

Vendor

Crowdstrike

Status
Falcon Sensor For Windows
Vendor
CVE Published:
8 October 2025

What is CVE-2025-42701?

A race condition vulnerability exists in CrowdStrike's Falcon sensor for Windows, enabling an attacker with prior code execution capabilities to delete arbitrary files. This issue was reported via the HackerOne bug bounty program and has been addressed in Falcon sensor for Windows versions 7.24 and newer, along with all Long Term Visibility sensors. Other Falcon sensors for Mac, Linux, and Legacy Systems are not affected. CrowdStrike's threat hunting team remains vigilant and is actively monitoring for any potential exploitation attempts.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Falcon sensor for Windows Windows 7.28 < 7.28.20008

Falcon sensor for Windows Windows 7.27 < 7.27.19909

Falcon sensor for Windows Windows 7.26 < 7.26.19813

References

https://www.crowdstrike.com/en-us/security-advisories/iss...

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.