An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module.
References
Link | Resource |
---|---|
https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 | Exploit Third Party Advisory |
Configurations
History
29 Dec 2023, 02:21
Type | Values Removed | Values Added |
---|---|---|
First Time |
Heimdalsecurity thor
Microsoft windows Apple macos Heimdalsecurity Apple Microsoft |
|
References | () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-306 | |
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Summary | (es) Se descubrió un problema en las versiones 3.4.2 y anteriores del agente Heimdal Thor en Windows y 2.6.9 y anteriores en macOS, que permite a los atacantes omitir el filtrado de red, ejecutar código arbitrario y obtener información confidencial a través del módulo de prevención de amenazas DarkLayer Guard. |
21 Dec 2023, 02:24
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Dec 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-21 01:15
Updated : 2023-12-29 02:21
NVD link : CVE-2023-29485
Mitre link : CVE-2023-29485
CVE.ORG link : CVE-2023-29485
JSON object : View
Products Affected
apple
- macos
microsoft
- windows
heimdalsecurity
- thor
CWE
CWE-306
Missing Authentication for Critical Function