Happy #PatchTuesday from **CrowdStrike**: [CVE 2025-1146 - CrowdStrike Falcon Sensor for Linux TLS Issue](https://www.crowdstrike.com/security-advisories/cve-2025-1146/ )
[CVE-2025-1146](https://www.cve.org/CVERecord?id=CVE-2025-1146 ) CrowdStrike Falcon Sensor for Linux TLS Issue:
> CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where our TLS connection routine to the CrowdStrike cloud can incorrectly process server certificate validation. This could allow an attacker with the ability to control network traffic to potentially conduct a man-in-the-middle (MiTM) attack.
> CrowdStrike has no indication of any exploitation of this issue in the wild.
I want to note that ClownStrike does not have a date or timestamp on their security advisory. 🤡 h/t: cR0w :gayint: :ifin: :brdKnife: (npub1s6e…n008)
#crowdstrike #crowdstrikefalcon #CVE_2025_1146 #cve #vulnerability #infosec #cybersecurity
Not Simon 🐐
npub14g…xznd6
2025-02-12 19:04:52 UTC
in reply to nevent1q…2dge
Author Public Key
npub14g0mj0fmn0sepfuhp2wupyk7d8xyz7rezpmrx2gfsav9vxlwxypq4xznd6Seen on
wss://relay.momostr.pinkPublished at
2025-02-12 19:04:52 UTCEvent JSON
{
"id": "39109b45c9523d304d43a48e5e4db10c35abd0d7199e72ee88c0d30d211ca8f9",
"pubkey": "aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102",
"created_at": 1739387092,
"kind": 1,
"tags": [
[
"e",
"31fe37ea949b57016a89374d925f929ecde46d422c5a8766798f44cca5e9704a",
"",
"root",
"aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102"
],
[
"p",
"86b397086a130510861dd58f255fadeee1c47815185fa3bb628a06b4d6af31ac"
],
[
"t",
"crowdstrike"
],
[
"t",
"cve"
],
[
"p",
"0d873008be129d8b236e47f16c6108d533d9b1d17059c8661e9841f633505bf5"
],
[
"e",
"d6e5fb8401211de19e0575e4851e8eb6918280c3d55b14dbb6a86522c6c7a52d",
"",
"reply",
"aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102"
],
[
"t",
"vulnerability"
],
[
"t",
"patchtuesday"
],
[
"t",
"infosec"
],
[
"p",
"aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102"
],
[
"t",
"cybersecurity"
],
[
"proxy",
"https://infosec.exchange/@screaminggoat/113992472498063010",
"web"
],
[
"t",
"cve_2025_1146"
],
[
"t",
"crowdstrikefalcon"
],
[
"proxy",
"https://infosec.exchange/users/screaminggoat/statuses/113992472498063010",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/screaminggoat/statuses/113992472498063010",
"pink.momostr"
],
[
"-"
]
],
"content": "Happy #PatchTuesday from **CrowdStrike**: [CVE 2025-1146 - CrowdStrike Falcon Sensor for Linux TLS Issue](https://www.crowdstrike.com/security-advisories/cve-2025-1146/ )\n[CVE-2025-1146](https://www.cve.org/CVERecord?id=CVE-2025-1146 ) CrowdStrike Falcon Sensor for Linux TLS Issue:\n\n\u003e CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where our TLS connection routine to the CrowdStrike cloud can incorrectly process server certificate validation. This could allow an attacker with the ability to control network traffic to potentially conduct a man-in-the-middle (MiTM) attack.\n\n\u003e CrowdStrike has no indication of any exploitation of this issue in the wild.\n\nI want to note that ClownStrike does not have a date or timestamp on their security advisory. 🤡 h/t: nostr:npub1s6eewzr2zvz3ppsa6k8j2hadamsug7q4rp068wmz3grtf440xxkqr8n008\n\n#crowdstrike #crowdstrikefalcon #CVE_2025_1146 #cve #vulnerability #infosec #cybersecurity",
"sig": "cc0ff66714619a4ddc59682dfef7a1b4a477e8a5af74215b1a4587455f9890d1595a9f08b35c9bdb0f0754adb82867268c8f2da758179e26bb6058efb1f47d31"
}