Vulnerability Details : CVE-2023-29485
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.
Vulnerability category: Execute code
Products affected by CVE-2023-29485
- cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*
- cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-29485
0.34%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-29485
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2023-29485
-
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-29485
-
https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93
Weaknesses in Heimdal’s Thor line of products | by Alexander Drabek | Dec, 2023 | MediumExploit;Third Party Advisory
Jump to