Cyber Resilience

CVE-2025-15344

Medium

Published: 29 January 2026

Published
29 January 2026
Modified
09 March 2026
KEV Added
Patch
CVSS Score v3.1 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0027 17.7th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2025-15344 is a medium-severity SQL Injection (CWE-89) vulnerability in Tanium Asset. Its CVSS base score is 6.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 17.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-15344 is a SQL injection vulnerability (CWE-89) affecting the Asset component in Tanium software. Tanium has addressed the issue, with the CVE published on 2026-01-29T00:16:06.930. The vulnerability carries a CVSS v3.1 base score of 6.3, rated as AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.

An attacker with low privileges (PR:L) and network access (AV:N) can exploit this vulnerability with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation allows limited impacts on confidentiality, integrity, and availability (C:L/I:L/A:L) within the unchanged scope (S:U), enabling SQL injection to potentially manipulate database queries.

Tanium's security advisory TAN-2025-035 provides details on the vulnerability and mitigation, available at https://security.tanium.com/TAN-2025-035.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Tanium addressed a SQL injection vulnerability in Asset.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection in a network-accessible Asset component directly maps to exploitation of a public-facing (or remotely reachable) application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-2435Same product: Tanium Asset
CVE-2026-9208Same vendor: Tanium
CVE-2026-24956Shared CWE-89
CVE-2026-33615Shared CWE-89
CVE-2025-28939Shared CWE-89
CVE-2021-47872Shared CWE-89
CVE-2025-28873Shared CWE-89
CVE-2019-25636Shared CWE-89
CVE-2026-32611Shared CWE-89
CVE-2026-42755Shared CWE-89

Affected Assets

tanium
asset
≤ 1.28.254 · 1.32 — 1.32.161 · 1.33 — 1.33.250

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation and sanitization of all inputs to the Asset component, blocking crafted SQL statements before they reach the database.

prevent

Restricts the database privileges of the low-privileged accounts used by Asset, limiting the confidentiality/integrity/availability impact even if injection succeeds.

prevent

Mandates prompt application of the vendor patch described in TAN-2025-035, eliminating the SQL injection flaw in the Asset component.

References