Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-15339

Summary
Assigner-Tanium
Assigner Org ID-3938794e-25f5-4123-a1ba-5cbd7f104512
Published At-05 Feb, 2026 | 18:16
Updated At-06 Feb, 2026 | 18:16
Rejected At-
Credits

Tanium addressed an incorrect default permissions vulnerability in Discover.

Tanium addressed an incorrect default permissions vulnerability in Discover.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Tanium
Assigner Org ID:3938794e-25f5-4123-a1ba-5cbd7f104512
Published At:05 Feb, 2026 | 18:16
Updated At:06 Feb, 2026 | 18:16
Rejected At:
â–¼CVE Numbering Authority (CNA)
Tanium addressed an incorrect default permissions vulnerability in Discover.

Tanium addressed an incorrect default permissions vulnerability in Discover.

Affected Products
Vendor
Tanium
Product
Discover
CPEs
  • cpe:2.3:a:tanium:service_discover:4.10.117:*:*:*:*:*:*:*
Versions
Affected
  • From 4.10.0 before 4.10.118 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-276Incorrect Default Permissions
Type: CWE
CWE ID: CWE-276
Description: Incorrect Default Permissions
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.tanium.com/TAN-2025-029
N/A
Hyperlink: https://security.tanium.com/TAN-2025-029
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:3938794e-25f5-4123-a1ba-5cbd7f104512
Published At:05 Feb, 2026 | 19:15
Updated At:10 Feb, 2026 | 18:04

Tanium addressed an incorrect default permissions vulnerability in Discover.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
CPE Matches
tanium
tanium
>>discover>>Versions from 4.10.0(inclusive) to 4.10.118(exclusive)
cpe:2.3:a:tanium:discover:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-276Secondary3938794e-25f5-4123-a1ba-5cbd7f104512
CWE ID: CWE-276
Type: Secondary
Source: 3938794e-25f5-4123-a1ba-5cbd7f104512
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://security.tanium.com/TAN-2025-0293938794e-25f5-4123-a1ba-5cbd7f104512
Vendor Advisory
Hyperlink: https://security.tanium.com/TAN-2025-029
Source: 3938794e-25f5-4123-a1ba-5cbd7f104512
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

9Records found
CVE-2025-15341
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:16
Updated-10 Feb, 2026 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an incorrect default permissions vulnerability in Benchmark.

Tanium addressed an incorrect default permissions vulnerability in Benchmark.

Action-Not Available
Vendor-taniumTanium
Product-benchmarkBenchmark
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-15338
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:16
Updated-10 Feb, 2026 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an incorrect default permissions vulnerability in Partner Integration.

Tanium addressed an incorrect default permissions vulnerability in Partner Integration.

Action-Not Available
Vendor-taniumTanium
Product-partner_integrationPartner Integration
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-15337
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:16
Updated-10 Feb, 2026 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an incorrect default permissions vulnerability in Patch.

Tanium addressed an incorrect default permissions vulnerability in Patch.

Action-Not Available
Vendor-taniumTanium
Product-patchPatch
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-15340
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 6.71%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:16
Updated-10 Feb, 2026 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an incorrect default permissions vulnerability in Comply.

Tanium addressed an incorrect default permissions vulnerability in Comply.

Action-Not Available
Vendor-taniumTanium
Product-complyComply
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-15343
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:11
Updated-10 Feb, 2026 | 17:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an incorrect default permissions vulnerability in Enforce.

Tanium addressed an incorrect default permissions vulnerability in Enforce.

Action-Not Available
Vendor-taniumTanium
Product-enforceEnforce
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-15336
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-10
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 6.71%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:16
Updated-10 Feb, 2026 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an incorrect default permissions vulnerability in Performance.

Tanium addressed an incorrect default permissions vulnerability in Performance.

Action-Not Available
Vendor-taniumTanium
Product-performancePerformance
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-15333
Matching Score-6
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-6
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 8.08%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:20
Updated-10 Feb, 2026 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an information disclosure vulnerability in Threat Response.

Tanium addressed an information disclosure vulnerability in Threat Response.

Action-Not Available
Vendor-taniumTanium
Product-threat_responseThreat Response
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-15334
Matching Score-6
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-6
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 8.08%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:18
Updated-10 Feb, 2026 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an information disclosure vulnerability in Threat Response.

Tanium addressed an information disclosure vulnerability in Threat Response.

Action-Not Available
Vendor-taniumTanium
Product-threat_responseThreat Response
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-15335
Matching Score-6
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-6
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 8.08%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 18:17
Updated-10 Feb, 2026 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an information disclosure vulnerability in Threat Response.

Tanium addressed an information disclosure vulnerability in Threat Response.

Action-Not Available
Vendor-taniumTanium
Product-threat_responseThreat Response
CWE ID-CWE-276
Incorrect Default Permissions
Details not found