Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2025-15333 is an information disclosure vulnerability in Tanium Threat Response. It affects versions prior to certain updates in 2024 and 2025. The vulnerability allows an authenticated Tanium user who has the "Threat Response Sources - Write" permission to gain unauthorized read-only access to data beyond what they are normally allowed to see.'}] [1]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information because users with certain permissions can access data outside their intended scope. Although the access is read-only, it may expose confidential or sensitive data, potentially leading to information leakage within an organization.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

I don't know

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability, you should update Tanium Threat Response to the fixed versions: Update 22 (v4.5.266) for 2024H1, Update 11 (v4.6.536) for 2024H2, or Update 5 (v4.9.324) for 2025H1 or later.

There are no available workarounds or mitigations other than applying these updates.

Useful 0 Not Useful 0