TAN-2025-018
Tanium addressed a heap-based buffer overflow vulnerability in the Tanium Server and in all Tanium Client Extensions.
Severity: Medium
Base Score: 5.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
Impact
This vulnerability could allow an attacker with access to a system running the Tanium Client to cause one or more of the Tanium Client Extensions to crash on that particular endpoint.
Products Affected
2024H1 Release:
- Tanium Server prior to Update 17 (v7.6.2.1309).
2024H2 Release:
- Tanium Server prior to Update 9 (v7.6.4.2144).
2025H1 Release:
- Tanium Server prior to Update 1-OOB (v7.7.3.8194) or later.
Vulnerable tool versions:
-
integrity-monitor-cx prior to 1.3.4333.0
-
integrity-monitor-cx prior to 1.4.3270.0
-
integrity-monitor-cx prior to 1.5.2411.0
-
end-user-cx prior to 1.4.1178
-
end-user-cx prior to 1.6.931
-
end-user-cx prior to 1.8.24
-
end-user-cx prior to 1.9.1334
-
risk-cx prior to 1.1.2116
-
risk-cx prior to 1.2.6321
-
Recorder prior to 2.12.1952
-
Recorder prior to 2.14.852
-
Recorder prior to 2.16.379
-
Recorder prior to 3.22.1505
-
cx-stream prior to 2.1.1448
-
cx-stream prior to 2.3.477
-
cx-stream prior to 2.4.1156
-
index-cx prior to 3.6.2507
-
index-cx prior to 3.8.1115
-
index-cx prior to 3.9.493
-
provision-cx prior to 1.1.3960
-
provision-cx prior to 1.2.1407
-
provision-cx prior to 1.3.1970
-
provision-cx prior to 1.4.873
-
enforce-cx prior to 2.11.578
-
enforce-cx prior to 2.16.812
-
enforce-cx prior to 2.17.1153
-
enforce-cx prior to 2.18.1417
-
dec-cx prior to 2.7.1135
-
dec-cx prior to 2.8.1423
-
dec-cx prior to 2.9.871
-
dec-cx prior to 2.10.1753
-
performance-cx prior to 2.1.875
-
performance-cx prior to 2.4.790
-
performance-cx prior to 2.6.243
-
performance-cx prior to 2.7.626
-
discover-cx prior to 1.4.5219
-
discover-cx prior to 1.6.612
-
cx-config prior to 1.4.2910
-
cx-config prior to 1.5.5761
-
cx-config prior to 1.6.1351
-
cx-config prior to 1.7.1311
-
extras-cx prior to 1.6.337
-
extras-cx prior to 1.9.476
-
extras-cx prior to 1.10.721
-
extras-cx prior to 1.11.747
-
comply-cx prior to 1.14.273
-
comply-cx prior to 1.17.840
-
comply-cx prior to 1.19.209
-
comply-cx prior to 1.20.602
-
comply-cx prior to 1.21.1231
-
threat-response-cx prior to 1.15.940
-
threat-response-cx prior to 1.17.772
-
threat-response-cx prior to 1.18.2701
-
client-deploy-cx prior to 1.1.1693
-
client-deploy-cx prior to 1.2.1677
-
client-deploy-cx prior to 1.3.2133
-
core-cx prior to 2.9.2010
-
core-cx prior to 2.10.784
-
core-cx prior to 2.11.973
-
core-cx prior to 2.13.171
-
core-cx prior to 2.14.463
-
core-cx prior to 2.15.1315
-
core-cx prior to 2.16.526
-
swmgr-cx prior to 3.2.152
-
swmgr-cx prior to 3.4.1131
-
swmgr-cx prior to 3.6.442
-
swmgr-cx prior to 3.7.862
-
swmgr-cx prior to 3.8.567
-
swmgr-cx prior to 3.9.313
Available Updates
2024H1 Release:
- Update 17 (Tanium Server 7.6.2.1309) or later.
2024H2 Release:
- Update 9 (Tanium Server 7.6.4.2144) or later.
2025H1 Release:
- Update 1-OOB (Tanium Server 7.7.3.8194) or later.
Customers who use ECM should take the following actions:
Use Change Management in Endpoint Configuration to deploy Manifest version 2.2.143 and later to all endpoints.
Use Change Management in Endpoint Configuration to deploy Manifest version 2.9.45 and later to all endpoints.
Use Change Management in Endpoint Configuration to deploy Manifest version 2.12.49 and later to all endpoints.
Use Change Management in Endpoint Configuration to deploy Manifest version 2.13.13 and later to all endpoints.
Use Change Management in Endpoint Configuration to deploy Manifest version 2.14.25 and later to all endpoints.
Use Change Management in Endpoint Configuration to deploy Manifest version 2.16.34 and later to all endpoints.
Workaround and Mitigations
None.
Acknowledgements
None.