Tanium End User Notifications & Endpoint Configuration Toolset Arbitrary File Deletion Vulnerability (CVE-2025-15318)

Key Information Summary CVE ID: CVE-2025-15318 Vulnerability Number: TAN-2025-017 Release Date: May 7, 2025 Vulnerability Description: Arbitrary file deletion vulnerability in Tanium End User Notifications and Endpoint Configuration Toolset Solution. Severity: Medium CVSS Base Score: 5.1 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Impact This vulnerability allows attackers with privileged access to systems running the Tanium client to delete or overwrite arbitrary files. Affected Products 7.4 and 7.5 versions: - End-User Notifications versions prior to 1.18.1112. 2024H1 Release: - Endpoint Configuration Toolset Solution versions prior to Update 16 (v1.40.48). 2024H2 Release: - Endpoint Configuration Toolset Solution versions prior to Update 5 (v1.47.16). Vulnerable Tool Versions End-User Notifications 1.18: versions prior to 1.18.10079 End-User Notifications 10.0: versions prior to 10.0.14 End-User Notifications 10.1: versions prior to 10.1.20 Available Updates 7.4 and 7.5 versions: - End-User Notifications v1.18.1112 and later. 2024H1 Release: - Endpoint Configuration Toolset Solution v1.40.48 Update 16 and later. 2024H2 Release: - Endpoint Configuration Toolset Solution v1.47.16 Update 5 and later. In addition to upgrading all affected software, Tanium on-prem customers using ECM should deploy the following manifests via Change Management in Endpoint Configuration to all endpoints: 2.2.135 and later 2.9.34 and later Tanium Cloud customers using ECM should deploy the following manifests via Change Management in Endpoint Configuration to all endpoints: 2.11.44 and later 2.12.43 and later Mitigations and Workarounds None. Acknowledgments None.

Goal Reached Thanks to every supporter — we hit 100%!

Tanium End User Notifications & Endpoint Configuration Toolset Arbitrary File Deletion Vulnerability (CVE-2025-15318)