CVE: CVE-2025-15320 Identifier: TAN-2025-023 Date: August 19, 2025 Severity: Low Base Score: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Impact Description: The vulnerability could allow an attacker with access to a system running the Tanium Client to perform a denial of service attack against the Tanium Client API. Affected Versions: - Tanium Client 7.4 prior to version 7.4.10.1117. - 2024H1 Release: Tanium Client prior to Update 22 (v7.6.2.1327). - 2024H2 Release: Tanium Client prior to Update 11 (v7.6.4.2160). - 2025H1 Release: Tanium Client prior to Update 5 (v7.7.3.8231). - Tanium Client version 7.4.10.1117 and later: - 2024H1 Release: Update 22 (Tanium Client v7.6.2.1327) and later. - 2024H2 Release: Update 11 (Tanium Client v7.6.4.2160) and later. - 2025H1 Release: Update 5 (Tanium Client v7.7.3.8231) and later. Mitigations Workaround and Mitigations: None. Acknowledgements Tanium would like to thank Filip Waeytens, Frank Lycops, Jean-Michel Huguet, Jorge Escabias, and Justin Hocquel from the NCIA/NCSC for responsibly reporting this issue.