CVE-2023-29485

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

History

25 Sep 2024, 20:15

Type Values Removed Values Added
Summary (en) An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. (en) An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.

29 Dec 2023, 02:21

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-306
References () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - Exploit, Third Party Advisory
First Time Heimdalsecurity thor
Apple
Heimdalsecurity
Microsoft windows
Apple macos
Microsoft
CPE cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*

21 Dec 2023, 02:24

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-21 01:15

Updated : 2024-09-25 20:15


NVD link : CVE-2023-29485

Mitre link : CVE-2023-29485

CVE.ORG link : CVE-2023-29485


JSON object : View

Products Affected

apple

  • macos

microsoft

  • windows

heimdalsecurity

  • thor
CWE
CWE-306

Missing Authentication for Critical Function