A vulnerability allowing incorrect default permissions has been identified in Tanium's Benchmark, Comply, Discover, Partner Integration, Patch, and Performance products. This vulnerability affects several versions prior to specific update releases, allowing authenticated users with certain service account permissions to read and write all platform content.
Exploitation of this vulnerability could enable an authenticated user with specific service account permissions to read and write all platform content, potentially leading to unauthorized data manipulation or access.
Users can update to the latest versions of the affected products to address this vulnerability. Specific update versions can be found in the Tanium Security Advisory TAN-2025-029.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
