Skip to content

TAN-2026-001

Tanium addressed an uncontrolled resource consumption vulnerability in Discover.

Severity: Medium

Base Score: 4.9

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Impact

This vulnerability could allow an authenticated Tanium user with the Discover Locations Write permission to perform a denial of service attack against the Tanium Module Server.

Products Affected

2024H2 Release:

  • Discover prior to Update 20 (v4.10 to v4.10.134)

2025H1 Release:

  • Discover prior to Update 13 (v4.10 to v4.10.134)

2025H2 Release:

  • Discover prior to Update 3 (v4.15 to v4.15.130)

Available Updates

2024H2 Release:

  • Update 20 (Discover v4.10.134) and later

2025H1 Release:

  • Update 13 (Discover v4.10.134) and later

2025H2 Release:

  • Update 3 (Discover v4.15.130) and later

Workaround and Mitigations

None.

Acknowledgements

None.