CVE-2025-1146

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Feb 12, 2025
CWE ID 296

Summary

CVE-2025-1146 is a validation logic error identified in CrowdStrike's Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor. The affected products incorrectly process server certificate validation during TLS connections to the CrowdStrike cloud, which could allow an attacker to conduct a man-in-the-middle attack. The vulnerability was discovered internally by CrowdStrike and fixed in versions 7.06 and above. Although no exploitation in the wild has been reported, CrowdStrike has strengthened its security review process and is actively monitoring for signs of abuse. Windows and Mac sensors are not affected.
