CVE-2025-15335
Information Disclosure Vulnerability in Tanium Threat Response
Publication date: 2026-02-05
Last updated on: 2026-02-10
Assigner: Tanium
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tanium | threat_response | From 4.5.0 (inc) to 4.5.266 (exc) |
| tanium | threat_response | From 4.6.0 (inc) to 4.6.536 (exc) |
| tanium | threat_response | From 4.9.0 (inc) to 4.9.324 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2025-15335 is an information disclosure vulnerability in Tanium Threat Response. It allows an authenticated Tanium user who has either the "Threat Response Tasks - Read" or "Threat Response Notifications - Read & Write" permissions to gain unauthorized read-only access to data beyond what they are normally allowed to see.'}, {'type': 'paragraph', 'content': 'This flaw affects versions of Threat Response prior to certain updates in the 2024H1, 2024H2, and 2025H1 releases. The vulnerability has a medium severity with a CVSS 3.1 base score of 4.3.'}] [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing users with limited permissions to access sensitive information that they should not be able to see. This unauthorized read-only access to data beyond their intended scope could lead to exposure of confidential or sensitive information.
Since the vulnerability does not allow modification or deletion of data, the impact is limited to information disclosure.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves unauthorized read-only access by authenticated users with specific permissions in Tanium Threat Response. Detection would require verifying the version of Threat Response deployed and monitoring user permissions and access patterns.
Specifically, check if the Threat Response version is prior to Update 22 (v4.5.266) in 2024H1, prior to Update 11 (v4.6.536) in 2024H2, or prior to Update 5 (v4.9.324) in 2025H1, as these versions are vulnerable.
No specific detection commands or network signatures are provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
The only mitigation available is to apply the appropriate updates to Tanium Threat Response.
- Update to at least Update 22 (v4.5.266) in the 2024H1 release.
- Or update to at least Update 11 (v4.6.536) in the 2024H2 release.
- Or update to at least Update 5 (v4.9.324) in the 2025H1 release.
No other workarounds or mitigations are available.