Arbitrary File Deletion Vulnerability in Tanium's End-User-CX
CVE-2025-15314

5.5MEDIUM

Key Information:

Vendor: Tanium
Status: End-user-cx
Vendor: CVE Published:; 9 February 2026

What is CVE-2025-15314?

An arbitrary file deletion vulnerability was identified in Tanium's End-User-CX product, allowing attackers to delete files on the affected system. This flaw could potentially lead to loss of crucial data or disruption of services. It is essential for users of the affected versions to apply the latest patches provided by Tanium to safeguard their systems from potential exploitation.

Affected Version(s)

end-user-cx 1.4.0 < 1.4.1175

end-user-cx 1.6.0 < 1.6.926

end-user-cx 1.8.0 < 1.8.21

References

https://security.tanium.com/TAN-2025-010

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 9, 2026
Vulnerability Reserved
Dec 29, 2025

CVE-2025-15314 Data

JSON