CVE-2023-29485

First published: Thu Dec 21 2023(Updated: )

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
All of
Heimdalsecurity Thor	<=3.5.3
Microsoft Windows
All of
Heimdalsecurity Thor	<=2.6.9
Apple macOS

Never miss a vulnerability like this again

Reference Links

https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93

agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
agent/severity
agent/references
agent/weakness
agent/author
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/description
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/source
vendor/heimdalsecurity
canonical/heimdalsecurity thor
version/heimdalsecurity thor/3.5.3
vendor/microsoft
canonical/microsoft windows
version/heimdalsecurity thor/2.6.9
vendor/apple
canonical/apple macos

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.