Skip to content

TAN-2025-022

Tanium addressed a local privilege escalation vulnerability (CVE-2025-43715).

Severity: High

Base Score: 8.1

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Impact

This vulnerability could allow an attacker with access to a Windows system where the Tanium Client is being installed to achieve local privilege escalation during the installation process.

Products Affected

Tanium Client 7.4 prior to version 7.4.10.1117.

2024H1 Release:

  • Tanium Client prior to Update 22 (v7.6.2.1327).

2024H2 Release:

  • Tanium Client prior to Update 11 (v7.6.4.2160).

2025H1 Release:

  • Tanium Client prior to Update 5 (v7.7.3.8231).

Available Updates

Tanium Client version 7.4.10.1117 and later.

2024H1 Release:

  • Update 22 (Tanium Client v7.6.2.1327) and later.

2024H2 Release:

  • Update 11 (Tanium Client v7.6.4.2160) and later.

2025H1 Release:

  • Update 5 (Tanium Client v7.7.3.8231) and later.

Workaround and Mitigations

None.

Acknowledgements

None.