What is the severity of CVE-2023-29485?

CVE-2023-29485 is considered a critical vulnerability due to its potential to allow attackers to bypass network security measures and execute arbitrary code.

How do I fix CVE-2023-29485?

To mitigate CVE-2023-29485, users should upgrade to Heimdal Thor version 3.5.4 or later on Windows and version 2.6.10 or later on macOS.

Which versions of Heimdal Thor are affected by CVE-2023-29485?

CVE-2023-29485 affects Heimdal Thor versions 3.4.2 and earlier on Windows and versions 2.6.9 and earlier on macOS.

What risks are associated with CVE-2023-29485?

Exploiting CVE-2023-29485 can lead to arbitrary code execution and unauthorized access to sensitive information.

Does Heimdal dispute the validity of CVE-2023-29485?

Yes, Heimdal has disputed the validity of CVE-2023-29485.

Vulnerability/
CVE-2023-29485

critical

9.8

CWE

306

21/12/2023

25/9/2024

CVE-2023-29485

First published: Thu Dec 21 2023(Updated: )

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
All of
Heimdalsecurity Thor	<=3.5.3
Microsoft Windows
All of
Heimdalsecurity Thor	<=2.6.9
Apple iOS and macOS

Never miss a vulnerability like this again

Reference Links

https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93

Frequently Asked Questions

What is the severity of CVE-2023-29485?
CVE-2023-29485 is considered a critical vulnerability due to its potential to allow attackers to bypass network security measures and execute arbitrary code.
How do I fix CVE-2023-29485?
To mitigate CVE-2023-29485, users should upgrade to Heimdal Thor version 3.5.4 or later on Windows and version 2.6.10 or later on macOS.
Which versions of Heimdal Thor are affected by CVE-2023-29485?
CVE-2023-29485 affects Heimdal Thor versions 3.4.2 and earlier on Windows and versions 2.6.9 and earlier on macOS.
What risks are associated with CVE-2023-29485?
Exploiting CVE-2023-29485 can lead to arbitrary code execution and unauthorized access to sensitive information.
Does Heimdal dispute the validity of CVE-2023-29485?
Yes, Heimdal has disputed the validity of CVE-2023-29485.

agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
agent/severity
agent/references
agent/weakness
agent/author
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/description
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/heimdalsecurity
canonical/heimdalsecurity thor
version/heimdalsecurity thor/3.5.3
vendor/microsoft
canonical/microsoft windows
version/heimdalsecurity thor/2.6.9
vendor/apple
canonical/apple ios and macos

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.