CVE-2023-29485

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:57

Type Values Removed Values Added
References () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - Exploit, Third Party Advisory () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - Exploit, Third Party Advisory

25 Sep 2024, 20:15

Type Values Removed Values Added
Summary (en) An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. (en) An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.

29 Dec 2023, 02:21

Type Values Removed Values Added
References () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - Exploit, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CPE cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*
First Time Heimdalsecurity thor
Apple
Heimdalsecurity
Microsoft windows
Apple macos
Microsoft
CWE CWE-306

21 Dec 2023, 02:24

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-21 01:15

Updated : 2024-11-21 07:57


NVD link : CVE-2023-29485

Mitre link : CVE-2023-29485

CVE.ORG link : CVE-2023-29485


JSON object : View

Products Affected

heimdalsecurity

  • thor

microsoft

  • windows

apple

  • macos
CWE
CWE-306

Missing Authentication for Critical Function