Description
Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension.
Published: 2026-02-19
Score: 4.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Potential memory corruption
Action: Apply Patch
AI Analysis

Impact

Tanium has identified a use‑after‑free flaw in the Cloud Workloads Enforce client extension that can corrupt memory. The weakness is categorized as CWE‑416. The description does not detail specific exploitation steps, but a use‑after‑free condition typically permits a malicious entity to manipulate program behavior once the freed memory has been reallocated.

Affected Systems

The vulnerability affects Tanium’s Cloud Workloads product, specifically the Enforce client extension. It is present in the service_cloudworkloads version 1.0.221. No other specific versions are listed in the advisory; vendors are advised to review all releases of the Cloud Workloads service for the presence of the patch that addresses the flaw.

Risk and Exploitability

The CVSS score of 4.7 indicates a moderate severity, while the EPSS score of less than 1% reflects a low likelihood of exploitation at this time. The vulnerability is not included in the CISA KEV catalog. The advisory gives no exploitation details, but the published CVSS vector (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H) describes a local attack of high complexity that requires low privileges and no user interaction, with impact limited to availability.

Generated by OpenCVE AI on April 18, 2026 at 11:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Tanium update that fixes the use‑after‑free issue in the Cloud Workloads Enforce client extension
  • If an immediate update is not available, disable or remove the Enforce client extension until the vendor releases a fix
  • Continuously monitor for abnormal activity in the Cloud Workloads environment and keep the system updated with future vendor patches

Advisories

No advisories yet.

History

Mon, 02 Mar 2026 16:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Fri, 27 Feb 2026 22:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Tanium cloud Workloads |
| CPEs | | cpe:2.3:a:tanium:cloud_workloads:*:*:*:*:*:*:*:* |
| Vendors & Products | | Tanium cloud Workloads |

Thu, 19 Feb 2026 23:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension. |
| Title | | Use-after-free in Cloud Workloads |
| First Time appeared | | Tanium; Tanium service Cloudworkloads |
| Weaknesses | | CWE-416 |
| CPEs | | cpe:2.3:a:tanium:service_cloudworkloads:1.0.221:*:*:*:*:*:*:* |
| Vendors & Products | | Tanium; Tanium service Cloudworkloads |
| References | | |
| Metrics | | cvssV3_1 {'score': 4.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H'} |


MITRE

Status: PUBLISHED

Assigner: Tanium

Published:

Updated: 2026-03-02T15:55:09.813Z

Reserved: 2026-02-12T13:49:49.307Z

Link: CVE-2026-2408

Vulnrichment

Updated: 2026-03-02T15:55:02.625Z

NVD

Status: Analyzed

Published: 2026-02-20T00:16:17.930

Modified: 2026-02-27T21:56:07.003

Link: CVE-2026-2408

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T11:45:44Z

Weaknesses