MidnightBSD

Advisories for tanium

CVE-2025-13225

Tanium addressed an arbitrary file deletion vulnerability in TanOS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 5.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L 0.8 4.7

Products Affected

Vendor Product Version
tanium tanos *
CVE-2025-15288

Tanium addressed an improper access controls vulnerability in Interact.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N 1.6 1.4

Products Affected

Vendor Product Version
tanium interact *
CVE-2025-15289

Tanium addressed an improper access controls vulnerability in Interact.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N 1.6 1.4

Products Affected

Vendor Product Version
tanium interact *
CVE-2025-15310

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
tanium patch_endpoint_tools *
tanium endpoint_configuration_toolset_solution *
CVE-2025-15311

Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
tanium tanos *
CVE-2025-15312

Tanium addressed an improper output sanitization vulnerability in Tanium Appliance.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.6 MEDIUM CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.7 5.9

Products Affected

Vendor Product Version
tanium tanos *
CVE-2025-15313

Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
tanium euss *
CVE-2025-15314

Tanium addressed an arbitrary file deletion vulnerability in end-user-cx.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
tanium end-user-cx *
CVE-2025-15315

Tanium addressed a local privilege escalation vulnerability in Tanium Module Server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
tanium server *
tanium module_server *
CVE-2025-15316

Tanium addressed a local privilege escalation vulnerability in Tanium Server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
tanium server *
tanium module_server *
CVE-2025-15317

Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
tanium server *
CVE-2025-15318

Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
tanium end-user_notifications *
CVE-2025-15319

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
tanium patch_endpoint_tools *
CVE-2025-15320

Tanium addressed a denial of service vulnerability in Tanium Client.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4

Products Affected

Vendor Product Version
tanium tanium *
CVE-2025-15321

Tanium addressed an improper input validation vulnerability in Tanium Appliance.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 2.7 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 1.2 1.4

Products Affected

Vendor Product Version
tanium tanos *
CVE-2025-15322

Tanium addressed an improper access controls vulnerability in Tanium Server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
tanium server *
CVE-2025-15323

Tanium addressed an improper certificate validation vulnerability in Tanium Appliance.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.2 1.4

Products Affected

Vendor Product Version
tanium tanos *
CVE-2025-15324

Tanium addressed a documentation issue in Engage.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.6 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H 1.3 5.2

Products Affected

Vendor Product Version
tanium engage *
CVE-2025-15325

Tanium addressed an improper input validation vulnerability in Discover.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2.8 3.4

Products Affected

Vendor Product Version
tanium discover *
CVE-2025-15326

Tanium addressed an improper access controls vulnerability in Patch.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
tanium patch *
CVE-2025-15327

Tanium addressed an improper access controls vulnerability in Deploy.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
tanium deploy *
CVE-2025-15329

Tanium addressed an information disclosure vulnerability in Threat Response.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
tanium threat_response *
CVE-2025-15330

Tanium addressed an improper input validation vulnerability in Deploy.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
tanium deploy *
CVE-2025-15331

Tanium addressed an uncontrolled resource consumption vulnerability in Connect.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 2.8 1.4

Products Affected

Vendor Product Version
tanium connect *
CVE-2025-15332

Tanium addressed an information disclosure vulnerability in Threat Response.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
tanium threat_response *
CVE-2025-15333

Tanium addressed an information disclosure vulnerability in Threat Response.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
tanium threat_response *
CVE-2025-15334

Tanium addressed an information disclosure vulnerability in Threat Response.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
tanium threat_response *
CVE-2025-15335

Tanium addressed an information disclosure vulnerability in Threat Response.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
tanium threat_response *
CVE-2025-15336

Tanium addressed an incorrect default permissions vulnerability in Performance.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
tanium performance *
CVE-2025-15337

Tanium addressed an incorrect default permissions vulnerability in Patch.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
tanium patch *
CVE-2025-15338

Tanium addressed an incorrect default permissions vulnerability in Partner Integration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
tanium partner_integration *
CVE-2025-15339

Tanium addressed an incorrect default permissions vulnerability in Discover.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
tanium discover *
CVE-2025-15340

Tanium addressed an incorrect default permissions vulnerability in Comply.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
tanium comply *
CVE-2025-15341

Tanium addressed an incorrect default permissions vulnerability in Benchmark.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
tanium benchmark *
CVE-2025-15342

Tanium addressed an improper access controls vulnerability in Reputation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
tanium reputation *
CVE-2025-15343

Tanium addressed an incorrect default permissions vulnerability in Enforce.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
tanium enforce *
CVE-2026-0925

Tanium addressed an improper input validation vulnerability in Discover.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 2.7 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L 1.2 1.4

Products Affected

Vendor Product Version
tanium discover *
CVE-2026-1224

Tanium addressed an uncontrolled resource consumption vulnerability in Discover.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
tanium discover *
CVE-2026-1292

Tanium addressed an insertion of sensitive information into log file vulnerability in Trends.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
tanium trends *
CVE-2026-1344

Tanium addressed an insecure file permissions vulnerability in Enforce Recovery Key Portal.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N 2.0 4.0

Products Affected

Vendor Product Version
tanium enforce_recovery_key_portal *
CVE-2026-2350

Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
tanium interact *
CVE-2026-2408

Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 1.0 3.6

Products Affected

Vendor Product Version
tanium cloud_workloads *
CVE-2026-2435

Tanium addressed a SQL injection vulnerability in Asset.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2.8 3.4

Products Affected

Vendor Product Version
tanium asset *
CVE-2026-2605

Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
3938794e-25f5-4123-a1ba-5cbd7f104512 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.6 3.6

Products Affected

Vendor Product Version
tanium tanos *