CVE-2023-29485

Опубликовано: 21 дек. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. NOTE: Heimdal disputes the validity of this issue arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests. The product was not designed to intercept DNS requests from third-party solutions.

Ссылки

https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93
Exploit
Third Party Advisory
https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*

Версия до 3.5.3 (включая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*

Версия до 2.6.9 (включая)

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00058

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-306

Связанные уязвимости

GHSA-59fq-5jw2-685q