CVE-2023-29485

Published: Dec 21, 2023Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.

Affected (2)

Products: Heimdalsecurity: Thor

Heimdalsecurity

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Heimdalsecurity Thor	Up to 3.5.3

Running on/with	Platform Versions
Microsoft Windows	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Heimdalsecurity Thor	Up to 2.6.9

Running on/with	Platform Versions
Apple Macos	All versions

Related CWEs

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (2)

https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93

Source: cve@mitre.org

ExploitThird Party Advisory

https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.