CVE-2025-15336— Tanium addressed an incorrect default permissions vulnerability in Performance.

CVSS 6.5 · Medium EPSS 0.01% · P1 Updated Feb 07, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-15336

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Tanium addressed an incorrect default permissions vulnerability in Performance.

Source: NVD (National Vulnerability Database)

Vulnerability Description

Tanium addressed an incorrect default permissions vulnerability in Performance.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

缺省权限不正确

Source: NVD (National Vulnerability Database)

Vulnerability Title

Tanium Performance 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Tanium Performance是美国Tanium公司的一个终端性能监控与故障排查的模块。 Tanium Performance存在安全漏洞，该漏洞源于默认权限设置不当。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Tanium	Performance	1.17.0 ~ 1.17.134	`cpe:2.3:a:tanium:service_performance:1.17.133:::::::*`

II. Public POCs for CVE-2025-15336

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-15336

Please Login to view more intelligence information

https://nvd.nist.gov/vuln/detail/CVE-2025-15336

Same Patch Batch · Tanium · 2026-02-05 · 25 CVEs total

CVE-2025-15330	8.8 HIGH	Tanium addressed an improper input validation vulnerability in Deploy.
CVE-2025-15311	7.8 HIGH	Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.
CVE-2025-15324	6.6 MEDIUM	Tanium addressed a local privilege escalation vulnerability in Engage.
CVE-2025-15312	6.6 MEDIUM	Tanium addressed an improper output sanitization vulnerability in TanOS.
CVE-2025-15339	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Discover.
CVE-2025-15340	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Comply.
CVE-2025-15337	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Patch.
CVE-2025-15343	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Enforce.
CVE-2025-15338	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Partner Integration.
CVE-2025-15341	6.5 MEDIUM	Tanium addressed an incorrect default permissions vulnerability in Benchmark.
CVE-2025-15325	6.3 MEDIUM	Tanium addressed an improper input validation vulnerability in Discover.
CVE-2025-15328	5.0 MEDIUM	Tanium addressed an improper link resolution before file access vulnerability in Enforce.
CVE-2025-15332	4.9 MEDIUM	Tanium addressed an information disclosure vulnerability in Threat Response.
CVE-2025-15329	4.9 MEDIUM	Tanium addressed an information disclosure vulnerability in Threat Response.
CVE-2025-15334	4.3 MEDIUM	Tanium addressed an information disclosure vulnerability in Threat Response.
CVE-2025-15331	4.3 MEDIUM	Tanium addressed an uncontrolled resource consumption vulnerability in Connect.
CVE-2025-15327	4.3 MEDIUM	Tanium addressed an improper access controls vulnerability in Deploy.
CVE-2025-15333	4.3 MEDIUM	Tanium addressed an information disclosure vulnerability in Threat Response.
CVE-2025-15342	4.3 MEDIUM	Tanium addressed an improper access controls vulnerability in Reputation.
CVE-2025-15326	4.3 MEDIUM	Tanium addressed an improper access controls vulnerability in Patch.

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: Tanium

Same weakness: CWE-276

V. Comments for CVE-2025-15336

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-15336— Tanium addressed an incorrect default permissions vulnerability in Performance.

I. Basic Information for CVE-2025-15336

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-15336

III. Intelligence Information for CVE-2025-15336

Same Patch Batch · Tanium · 2026-02-05 · 25 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-15336

Leave a comment