CVE-2023-29485 - OpenCVE

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Apple	Macos
Heimdalsecurity	Thor

Configuration 1 [-]

AND

cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

References

Link	Resource
https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-21T00:00:00

Updated: 2023-12-21T00:51:25.155858

Reserved: 2023-04-07T00:00:00

Link: CVE-2023-29485

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-12-21T01:15:32.700

Modified: 2023-12-29T02:21:17.843

Link: CVE-2023-29485

JSON object: View

Redhat Information

No data.

CWE

CWE-306

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*", "matchCriteriaId": "A77CAF90-FF93-4F80-9FF8-6318D80BA966", "versionEndIncluding": "3.5.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF6E8BE4-9359-4FFE-AAF5-91CEF7EF892F", "versionEndIncluding": "2.6.9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en las versiones 3.4.2 y anteriores del agente Heimdal Thor en Windows y 2.6.9 y anteriores en macOS, que permite a los atacantes omitir el filtrado de red, ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del m\u00f3dulo de prevenci\u00f3n de amenazas DarkLayer Guard."}], "id": "CVE-2023-29485", "lastModified": "2023-12-29T02:21:17.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-21T01:15:32.700", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}]}