1.0 Introduction
Recently, CrowdStrike has released security updates to address a high severity vulnerability in its Falcon Sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor.
2.0 Impact
This vulnerability stems from a Transport Layer Security (TLS) validation logic error, potentially allowing attackers to carry out man-in-middle (MiTM) attacks, intercepting and manipulating communication between the affected sensor software and the CrowdStrike cloud.
3.0 Affected System and Devices
- Falcon Sensor for Linux (all versions prior to 7.21)
- Falcon Kubernetes Admission Controller (all versions prior to 7.21)
- Falcon Container Sensor (all versions prior to 7.21)
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review CrowdStrike security updates for more information and apply the necessary updates.
Kindly refer to the following URLs for more information:
Generally, Cyber999 advises the users to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact us through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web:
https://www.mycert.org.my
5.0 References