Primary

Context

Tanium Enforce Incorrect Default Permissions Vulnerability Allowing Unauthorized Access to Platform Content

Vulnerability

A vulnerability has been identified in Tanium Enforce, related to incorrect default permissions. This issue affects Enforce versions prior to Update 24 in the 2024H1 release, prior to Update 13 in the 2024H2 release, and prior to Update 7 in the 2025H1 release. The vulnerability could allow an authenticated Tanium user with the 'Enforce Service Account' permission to read or write all platform content.

Impact

Exploitation of this vulnerability could enable an authenticated user with the 'Enforce Service Account' permission to gain unauthorized read or write access to all platform content.

Remediation

Users can upgrade to Tanium Enforce Update 24 (v2.7.367), Update 13 (v2.8.601), or Update 7 (v2.9.574) to address this vulnerability.

Added: Feb 5, 2026, 7:23 PM

Updated: Feb 5, 2026, 8:50 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tanium Enforce Incorrect Default Permissions Vulnerability Allowing Unauthorized Access to Platform Content

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating