Primary

Context

Tanium Server and Module Server Local Privilege Escalation Vulnerability

Vulnerability

Patched

A local privilege escalation vulnerability has been identified in Tanium Server and Tanium Module Server. This issue affects versions 7.4.6 prior to 7.4.6.1151, 7.5.6 prior to 7.5.6.1161, as well as the 2024H1 and 2024H2 releases of both products. The vulnerability allows an attacker with low privileged access to an appliance to escalate privileges locally by invoking specific plugins.

Impact

Exploitation of this vulnerability could enable an attacker to gain elevated privileges on the affected system, potentially leading to unauthorized access or actions within the Tanium environment.

Remediation

Users can upgrade to Tanium Server or Tanium Module Server versions 7.4.6.1151, 7.5.6.1161, or later. For the 2024H1 release, Tanium Module Server and Tanium Server users should update to version 7.6.2.1293 or later. For the 2024H2 release, the recommended update is version 7.6.4.2114 or later.

Added: Feb 10, 2026, 1:51 AM

Updated: Feb 10, 2026, 1:51 AM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

3.1

remediation

7.7

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

3.1

remediation

7.7

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tanium Server and Module Server Local Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Tanium Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating