TAN-2025-014

Tanium addressed a local privilege escalation vulnerability in Screen Sharing and Endpoint Configuration Toolset Solution.

Severity: High

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact

This vulnerability could allow an attacker with access to a Windows system running the Tanium Client and ScreenMeet to achieve local privilege escalation when writing into certain user-controllable directories.

Products Affected

7.4 and 7.5 Release:

  • Screen Sharing prior to v1.5.472

2024H1 Release:

  • Endpoint Configuration Toolset Solution prior to Update 15 (v1.40.45)

2024H2 Release:

  • Endpoint Configuration Toolset Solution prior to Update 4 (v1.47.15)

Vulnerable tool versions:

  • Screen Sharing 1.5 prior to 1.5.472

  • Screen Sharing 1.6 prior to 1.6.76

  • Screen Sharing 2.0 prior to 2.0.1177

Available Updates

7.4 and 7.5 Release:

  • Screen Sharing v1.5.472 and later

2024H1 Release:

  • Update 15 (Endpoint Configuration Toolset Solution v1.40.45) and later

2024H2 Release:

  • Update 4 (Endpoint Configuration Toolset Solution v1.47.15) and later

In addition to upgrading all impacted software, Tanium on-prem customers who use ECM should use Change Management in Endpoint Configuration to deploy one of the following Manifests to all endpoints:

  • 2.2.132 or later

  • 2.9.32 or later

Tanium Cloud customers who use ECM should use Change Management in Endpoint Configuration to deploy one of the following Manifests to all endpoints:

  • 2.11.42 or later

  • 2.12.39 or later

Workaround and Mitigations

None.

Acknowledgements

Tanium would like to thank Sheldon Johnson at Aviva for responsibly reporting this issue.