CVE-2023-29485

Name of the Vulnerable Software and Affected Versions Heimdal Thor agent versions 3.4.2 and before on Windows Heimdal Thor agent versions 2.6.9 and before on macOS

Description An issue in the Heimdal Thor agent allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via the DarkLayer Guard threat prevention module. The vendor disputes the validity of this issue, arguing that their DNS Security for Endpoint filters DNS traffic on the endpoint by intercepting system-generated DNS requests, and the product was not designed to intercept DNS requests from third-party solutions.

Recommendations For Heimdal Thor agent versions 3.4.2 and before on Windows, consider disabling the DarkLayer Guard threat prevention module until a patch is available. For Heimdal Thor agent versions 2.6.9 and before on macOS, consider disabling the DarkLayer Guard threat prevention module until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.