Tanium Endpoint Configuration Toolset Solution and End User Notifications Arbitrary File Deletion Vulnerability

An arbitrary file deletion vulnerability has been identified in Tanium's Endpoint Configuration Toolset Solution and End User Notifications. This vulnerability affects users with access to systems running the Tanium Client, allowing them to delete files or folders they should not have access to. The issue is present in Tanium EUSS versions 1.17 prior to 1.17.41 and 1.18 prior to 1.18.28, as well as in the Endpoint Configuration Toolset Solution prior to Update 2 (v1.47.10) and End User Notifications prior to version 1.18.1105.

Impact

Exploitation of this vulnerability could lead to unauthorized deletion of files or folders on systems running the Tanium Client.

Remediation

Users can upgrade to Tanium Endpoint Configuration Toolset Solution version 1.40.42 or later, or to End User Notifications version 1.18.1105 or later. Tanium on-prem customers who use ECM should deploy specific Manifests to all endpoints. Tanium Cloud customers who use ECM should also deploy one of the specified Manifests to all endpoints.