
TAN-2025-017

Tanium addressed an arbitrary file deletion vulnerability in End User Notifications and Endpoint Configuration Toolset Solution.

Severity: Medium

Base Score: 5.1

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Impact

This vulnerability could allow an attacker with privileged access to a system running the Tanium Client to delete or overwrite arbitrary files.

Products Affected

7.4 and 7.5 Release:

  • End-User Notifications prior to 1.18.1112.

2024H1 Release:

  • Endpoint Configuration Toolset Solution prior to Update 16 (v1.40.48).

2024H2 Release:

  • Endpoint Configuration Toolset Solution prior to Update 5 (v1.47.16)

Vulnerable tool versions:

  • End-User Notifications 1.18 prior to 1.18.10079

  • End-User Notifications 10.0 prior to 10.0.14

  • End-User Notifications 10.1 prior to 10.1.20
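
One way to triage an inventory against the vulnerable tool versions listed above, as an added example that is not part of Tanium's advisory. The hostnames and inventory rows are constructed and the function names are hypothetical; versions on a branch the advisory does not list, or that cannot be parsed, are reported as unknown rather than guessed.

```python
import re

# First fixed End-User Notifications tool version per branch, from this advisory.
FIXED_TOOL_VERSIONS = {
    (1, 18): (1, 18, 10079),
    (10, 0): (10, 0, 14),
    (10, 1): (10, 1, 20),
}

_VERSION_RE = re.compile(r"v?(\d+(?:\.\d+){2,})", re.ASCII)


def parse_version(text):
    """Return the version as a tuple of ints, or None if it is malformed."""
    match = _VERSION_RE.fullmatch(text.strip())
    if match is None:
        return None
    return tuple(int(part) for part in match.group(1).split("."))


def classify(version_text):
    """Return 'vulnerable', 'fixed' or 'unknown' for one tool version."""
    version = parse_version(version_text)
    if version is None:
        return "unknown"  # missing or malformed value: review by hand
    fixed = FIXED_TOOL_VERSIONS.get(version[:2])
    if fixed is None:
        return "unknown"  # branch not listed in the advisory
    # Tuples compare numerically per component, so 1.18.9999 < 1.18.10079
    # even though the string "9999" sorts after "10079".
    return "vulnerable" if version < fixed else "fixed"


def triage(inventory):
    """Map hostname -> status for (hostname, tool_version) rows."""
    return {host: classify(version) for host, version in inventory}


# Constructed sample rows, not real endpoints.
SAMPLE_INVENTORY = [
    ("host-a", "1.18.9999"),
    ("host-b", "1.18.10079"),
    ("host-c", "10.0.13"),
    ("host-d", "10.1.20"),
    ("host-e", "10.2.1"),
    ("host-f", "not installed"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```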

Available Updates

7.4 and 7.5 Release:

  • End-User Notifications v1.18.1112 and later.

2024H1 Release:

  • Update 16 (Endpoint Configuration Toolset Solution v1.40.48) and later

2024H2 Release:

  • Update 5 (Endpoint Configuration Toolset Solution v1.47.16) and later

In addition to upgrading all impacted software, Tanium on-prem customers who use ECM should use Change Management in Endpoint Configuration to deploy one of the following Manifests to all endpoints:

  • 2.2.135 or later

  • 2.9.34 or later

Tanium Cloud customers who use ECM should use Change Management in Endpoint Configuration to deploy one of the following Manifests to all endpoints:

  • 2.11.44 or later

  • 2.12.43 or later

Workaround and Mitigations

None.

Acknowledgements

None.