Skip to content

TAN-2025-023

Tanium addressed a denial of service vulnerability in Tanium Client.

Severity: Low

Base Score: 3.3

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Impact

This vulnerability could allow an attacker with access to a system running the Tanium Client to perform a denial of service attack against the Tanium Client API.

Products Affected

Tanium Client 7.4 prior to version 7.4.10.1117.

2024H1 Release:

  • Tanium Client prior to Update 22 (v7.6.2.1327).

2024H2 Release:

  • Tanium Client prior to Update 11 (v7.6.4.2160).

2025H1 Release:

  • Tanium Client prior to Update 5 (v7.7.3.8231).

Available Updates

Tanium Client version 7.4.10.1117 and later.

2024H1 Release:

  • Update 22 (Tanium Client v7.6.2.1327) and later.

2024H2 Release:

  • Update 11 (Tanium Client v7.6.4.2160) and later.

2025H1 Release:

  • Update 5 (Tanium Client v7.7.3.8231) and later.

Workaround and Mitigations

None.

Acknowledgements

Tanium would like to thank Filip Waeytens, Frank Lycops, Jean-Michel Huguet, Jorge Escabias and Justin Hocquel from the NCIA/NCSC for responsibly reporting this issue.