CVE-2025-15325— Tanium addressed an improper input validation vulnerability in Discover.

CVSS 6.3 · Medium EPSS 0.02% · P6 Updated Feb 07, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-15325

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Tanium addressed an improper input validation vulnerability in Discover.

Source: NVD (National Vulnerability Database)

Vulnerability Description

Tanium addressed an improper input validation vulnerability in Discover.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Tanium Discover 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Tanium Discover是美国Tanium公司的一个资产扫描模块。 Tanium Discover存在安全漏洞，该漏洞源于输入验证不当。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Tanium	Discover	4.10.0 ~ 4.10.90	`cpe:2.3:a:tanium:service_discover:4.10.89:::::::*`

II. Public POCs for CVE-2025-15325

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-15325

Please Login to view more intelligence information

https://nvd.nist.gov/vuln/detail/CVE-2025-15325

Same Patch Batch · Tanium · 2026-02-05 · 25 CVEs total

CVE-2025-15330	8.8 HIGH	Tanium addressed an improper input validation vulnerability in Deploy.
CVE-2025-15311	7.8 HIGH	Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.
CVE-2025-15324	6.6 MEDIUM	Tanium addressed a local privilege escalation vulnerability in Engage.
CVE-2025-15312	6.6 MEDIUM	Tanium addressed an improper output sanitization vulnerability in TanOS.
CVE-2025-15336	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Performance.
CVE-2025-15339	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Discover.
CVE-2025-15340	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Comply.
CVE-2025-15337	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Patch.
CVE-2025-15343	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Enforce.
CVE-2025-15338	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Partner Integration.
CVE-2025-15341	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Benchmark.
CVE-2025-15328	5.0 MEDIUM	Tanium addressed an improper link resolution before file access vulnerability in Enforce.
CVE-2025-15332	4.9 MEDIUM	Tanium addressed an information disclosure vulnerability in Threat Response.
CVE-2025-15329	4.9 MEDIUM	Tanium addressed an information disclosure vulnerability in Threat Response.
CVE-2025-15334	4.3 MEDIUM	Tanium addressed an information disclosure vulnerability in Threat Response.
CVE-2025-15331	4.3 MEDIUM	Tanium addressed an uncontrolled resource consumption vulnerability in Connect.
CVE-2025-15327	4.3 MEDIUM	Tanium addressed an improper access controls vulnerability in Deploy.
CVE-2025-15333	4.3 MEDIUM	Tanium addressed an information disclosure vulnerability in Threat Response.
CVE-2025-15342	4.3 MEDIUM	Tanium addressed an improper access controls vulnerability in Reputation.
CVE-2025-15326	4.3 MEDIUM	Tanium addressed an improper access controls vulnerability in Patch.

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Discover

Same vendor: Tanium

Same weakness: CWE-89

V. Comments for CVE-2025-15325

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-15325— Tanium addressed an improper input validation vulnerability in Discover.

I. Basic Information for CVE-2025-15325

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-15325

III. Intelligence Information for CVE-2025-15325

Same Patch Batch · Tanium · 2026-02-05 · 25 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-15325

Leave a comment