CVE-2025-15324
Documentation Disclosure Issue in Tanium Engage Component
Publication date: 2026-02-05
Last updated on: 2026-02-10
Assigner: Tanium
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tanium | engage | From 1.3.0 (inc) to 1.3.37 (exc) |
| tanium | engage | From 1.6.0 (inc) to 1.6.193 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-59 | The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-15324 is a local privilege escalation vulnerability in Tanium Engage affecting versions prior to 1.3.37 and 1.6.193.
The issue occurs when a file is deleted from or written to a user-controlled location on a system running the Tanium Client, which may allow an attacker with local access to escalate their privileges.
This vulnerability requires local access and user interaction, has low attack complexity, and low privileges required to exploit.
How can this vulnerability impact me? :
This vulnerability can allow an attacker with local access to escalate their privileges on the affected system.
The CVSS score indicates high impact on integrity and availability, meaning the attacker could potentially alter or disrupt system operations.
There is no impact on confidentiality according to the CVSS vector.
No workarounds or mitigations are available, so updating to fixed versions is necessary to address the issue.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
CVE-2025-15324 is a local privilege escalation vulnerability in Tanium Engage affecting versions prior to 1.3.37 and 1.6.193. Detection involves identifying if vulnerable versions of Tanium Engage are installed on the system.
Since the vulnerability arises from file deletion or writing in user-controlled locations on a system running the Tanium Client, monitoring for unusual file operations or privilege escalations locally may help detect exploitation attempts.
However, no specific detection commands or network-based detection methods are provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
There are no workarounds or mitigations available for this vulnerability.
The immediate step to mitigate this vulnerability is to upgrade Tanium Engage to version 1.3.37 or later, or 1.6.193 or later, where the issue has been addressed.