CVE-2023-29485

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93	Exploit Third Party Advisory
https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-12-21 01:15

Updated : 2024-11-21 07:57

NVD link : CVE-2023-29485

Mitre link : CVE-2023-29485

CVE.ORG link : CVE-2023-29485

JSON object : View

Products Affected

microsoft

windows

apple

macos

heimdalsecurity

thor

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2023-29485", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-12-21T01:15:32.700", "references": [{"url": "https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en las versiones 3.4.2 y anteriores del agente Heimdal Thor en Windows y 2.6.9 y anteriores en macOS, que permite a los atacantes omitir el filtrado de red, ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del m\u00f3dulo de prevenci\u00f3n de amenazas DarkLayer Guard."}], "lastModified": "2024-11-21T07:57:09.297", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A77CAF90-FF93-4F80-9FF8-6318D80BA966", "versionEndIncluding": "3.5.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF6E8BE4-9359-4FFE-AAF5-91CEF7EF892F", "versionEndIncluding": "2.6.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}