Arbitrary File Deletion in Tanium Endpoint Configuration Toolset
CVE-2025-15318

5.1MEDIUM

Key Information:

Vendor

Tanium

Status
End-user Notifications Endpoint Tools
Vendor
CVE Published:
9 February 2026

What is CVE-2025-15318?

An arbitrary file deletion vulnerability exists in Tanium's Endpoint Configuration Toolset, which could allow unauthorized users to delete files on the system. This could lead to significant disruption and data loss, impacting the integrity of the system. Promptly addressing this vulnerability is crucial to maintaining robust security and protecting sensitive data.

Affected Version(s)

End-User Notifications Endpoint Tools 1.18.0 < 1.18.10079

End-User Notifications Endpoint Tools 10.0.0 < 10.0.14

End-User Notifications Endpoint Tools 10.1.0 < 10.1.20

References

https://security.tanium.com/TAN-2025-017

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.