Race Condition in Falcon Sensor for Windows by CrowdStrike
CVE-2025-42701

5.6 MEDIUM

Key Information:

Vendor
CVE Published: 8 October 2025

What is CVE-2025-42701?

A race condition vulnerability exists in CrowdStrike's Falcon sensor for Windows, enabling an attacker with prior code execution capabilities to delete arbitrary files. This issue was reported via the HackerOne bug bounty program and has been addressed in Falcon sensor for Windows versions 7.24 and newer, along with all Long Term Visibility sensors. Other Falcon sensors for Mac, Linux, and Legacy Systems are not affected. CrowdStrike's threat hunting team remains vigilant and is actively monitoring for any potential exploitation attempts.

Affected Version(s)

Falcon sensor for Windows (platform: Windows) 7.28 < 7.28.20008

Falcon sensor for Windows (platform: Windows) 7.27 < 7.27.19909

Falcon sensor for Windows (platform: Windows) 7.26 < 7.26.19813

CVSS V3.1

Score: 5.6
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
