Cyber Resilience

CVE-2025-15330

High

Published: 05 February 2026

Published
05 February 2026
Modified
10 February 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0034 25.7th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2025-15330 is a high-severity Missing Authorization (CWE-862) vulnerability in Tanium Deploy. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 25.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-15330 is an improper input validation vulnerability, classified under CWE-862, affecting Tanium Deploy. Tanium addressed this issue, which was published on 2026-02-05 with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), marking it as high severity due to its potential for significant impact.

The vulnerability can be exploited by an attacker with low privileges (PR:L) over the network (AV:N), requiring low attack complexity (AC:L) and no user interaction (UI:N). Successful exploitation enables high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) within the unchanged scope (S:U), potentially allowing unauthorized access, data modification, or disruption of Tanium Deploy services.

Tanium's security advisory TAN-2025-012 provides details on mitigation, available at https://security.tanium.com/TAN-2025-012.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Tanium addressed an improper input validation vulnerability in Deploy.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

Missing authorization (CWE-862) in Tanium Deploy with low-priv network access enables remote service exploitation and privilege escalation to achieve high C/I/A impact.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-15310Same vendor: Tanium
CVE-2026-41378Shared CWE-862
CVE-2025-15316Same vendor: Tanium
CVE-2025-15311Same vendor: Tanium
CVE-2025-15315Same vendor: Tanium
CVE-2025-15319Same vendor: Tanium
CVE-2026-40502Shared CWE-862
CVE-2026-32658Shared CWE-862
CVE-2026-6506Shared CWE-862
CVE-2025-48574Shared CWE-862

Affected Assets

tanium
deploy
2.26.0 — 2.26.1279 · 2.30.0 — 2.30.175

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the improper input validation vulnerability by requiring validation and corrective action on all information inputs to ensure consistency with expected content.

prevent

Addresses the specific CVE by requiring timely identification, reporting, and risk-based remediation of software flaws like this high-severity input validation issue.

prevent

Complements input validation by restricting the types and quantities of information permitted at system interfaces, reducing the attack surface for malformed inputs.

References