Improper Link Resolution Vulnerability in Tanium Enforce
CVE-2025-15328

5MEDIUM

Key Information:

Vendor: Tanium
Status: Enforce
Vendor: CVE Published:; 5 February 2026

What is CVE-2025-15328?

Tanium has identified a vulnerability in Enforce that pertains to improper link resolution prior to file access, which may allow attackers to manipulate file access mechanics, potentially leading to unauthorized data access or exposure. Organizations using affected versions of Enforce should take proactive measures to update their systems and mitigate potential risks associated with this vulnerability.

Affected Version(s)

Enforce 2.7.0 < 2.7.314

Enforce 2.8.0 < 2.8.544

References

https://security.tanium.com/TAN-2025-007

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 5, 2026
Vulnerability Reserved
Dec 29, 2025

CVE-2025-15328 Data

JSON