Can you explain this vulnerability to me?

CVE-2025-15331 is an uncontrolled resource consumption vulnerability in Tanium Connect. It allows an authenticated Tanium user with Connect Write permission to consume an unlimited amount of disk space on the Tanium Management Server (TMS). This can lead to resource exhaustion on the server.

Useful 0 Not Useful 0

How can this vulnerability impact me? :

The vulnerability can impact you by allowing an authenticated user to exhaust disk space on the Tanium Management Server. This uncontrolled resource consumption can degrade system performance, cause service disruptions, or potentially lead to denial of service conditions.

Useful 0 Not Useful 0

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know

Useful 0 Not Useful 0

How can this vulnerability be detected on my network or system? Can you suggest some commands?

There are no specific detection commands or methods provided to identify this vulnerability on your network or system.

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading Tanium Connect to a fixed version.

• Upgrade to Connect v5.22.100 or later for the 7.4 and 7.5 releases.
• Upgrade to Update 16 (v5.22.100) or later for the 2024H1 release.
• Upgrade to Update 5 (v5.26.87) or later for the 2024H2 release.

No workarounds or other mitigations are available.

Useful 0 Not Useful 0