Description
Tanium addressed an unauthorized code execution vulnerability in Connect.
Published: 2026-05-27
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability in Tanium Connect allows an attacker to execute arbitrary code, effectively granting remote code execution privileges. It arises from a weakness classified as CWE‑78, indicating an OS command injection flaw. The official description does not detail the specific conditions or attacker requirements, but the capability to run arbitrary commands would enable full compromise of the host where Connect is deployed.

Affected Systems

Tanium Connect is the sole product mentioned as affected. No particular versions or operating system contexts are listed in the available data.

Risk and Exploitability

The CVSS score of 8.8 classifies this flaw as high severity, suggesting significant impact if exploited. The EPSS value is not available, so the current exploitation probability is unknown; however, the lack of listing in the CISA KEV catalog indicates no widespread, publicly documented use as of now. Because the advisory does not state an explicit attack vector, it is inferred that the flaw could be leveraged remotely or by privileged local users. The combination of a high CVSS and the potential for arbitrary command execution results in a substantial risk to affected installations.

Generated by OpenCVE AI on May 27, 2026 at 22:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Tanium Connect patch as detailed in the Tanium security advisory at https://security.tanium.com/TAN-2026-015.
  • Disallow remote or local services that expose the Connect interface until the patch is installed.
  • Restrict the permissions of the accounts under which Tanium Connect runs to the minimum required privileges.
  • Implement logging and alerting for anomalous command execution patterns to detect attempted exploitation.

Generated by OpenCVE AI on May 27, 2026 at 22:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://security.tanium.com/TAN-2026-015 cve-icon cve-icon
History

Thu, 28 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 28 May 2026 01:45:00 +0000

Type Values Removed Values Added
First Time appeared Tanium
Tanium connect
Vendors & Products Tanium
Tanium connect

Wed, 27 May 2026 21:45:00 +0000

Type Values Removed Values Added
Description Tanium addressed an unauthorized code execution vulnerability in Connect.
Title Tanium addressed an unauthorized code execution vulnerability in Connect.
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Tanium Connect
cve-icon MITRE

Status: PUBLISHED

Assigner: Tanium

Published:

Updated: 2026-05-28T13:22:32.052Z

Reserved: 2026-05-21T16:49:32.433Z

Link: CVE-2026-9208

cve-icon Vulnrichment

Updated: 2026-05-28T13:22:27.377Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-27T22:16:37.097

Modified: 2026-05-29T02:47:03.023

Link: CVE-2026-9208

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T01:30:03Z

Weaknesses