Cyber Resilience

CVE-2025-15319

High

Published: 09 February 2026

Published
09 February 2026
Modified
09 March 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0001 1.0th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-15319 is a high-severity Link Following (CWE-59) vulnerability in Tanium Patch Endpoint Tools. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 1.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-6 (Least Privilege).

Deeper analysis

CVE-2025-15319 is a local privilege escalation vulnerability in Tanium's Patch Endpoint Tools. Tanium has addressed the issue, which falls under CWE-59 (Improper Link Resolution Before File Access) and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The vulnerability was published on 2026-02-09T23:16:05.153.

A local attacker with low privileges (PR:L) can exploit this vulnerability given local access (AV:L), low attack complexity (AC:L), and no user interaction (UI:N). Successful exploitation enables high-impact privileges, compromising confidentiality, integrity, and availability (C:H/I:H/A:H) without changing scope (S:U).

Tanium's security advisory TAN-2025-021 at https://security.tanium.com/TAN-2025-021 provides details on patches and mitigation steps.

EU & UK References

Vulnerability details

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local privilege escalation vulnerability (CWE-59) directly enables exploitation for privilege escalation from low-privileged local access.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-15310Same product: Tanium Patch Endpoint Tools
CVE-2025-15316Same vendor: Tanium
CVE-2025-15314Same vendor: Tanium
CVE-2025-15315Same vendor: Tanium
CVE-2025-15313Same vendor: Tanium
CVE-2025-15311Same vendor: Tanium
CVE-2025-60710Shared CWE-59
CVE-2026-42834Shared CWE-59
CVE-2025-21373Shared CWE-59
CVE-2026-2627Shared CWE-59

Affected Assets

tanium
patch endpoint tools
3.17 — 3.17.10207 · 10.1 — 10.1.50 · 10.7 — 10.7.25

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates CVE-2025-15319 by requiring timely identification, prioritization, testing, and patching of the local privilege escalation flaw in Tanium Patch Endpoint Tools.

prevent

Enforces least privilege to limit the scope and impact of local low-privilege (PR:L) attackers exploiting improper link resolution before file access.

prevent

Implements a reference monitor to mediate and enforce access control policies, countering the CWE-59 improper link resolution that enables privilege escalation.

References