CVE-2023-29486: 
Homebrew vulnerability analysis and mitigation

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows that allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via the Next-Gen Antivirus component. This vulnerability is disputed by Heimdal, who argues that the limitation is a Microsoft Windows issue, not Heimdal-specific, as their USB control solution is meant to manage Microsoft Windows native USB restrictions (NVD).

The vulnerability allows attackers to bypass USB storage access restrictions through two primary methods: using Android Debug Bridge (ADB) with a phone that has debug options enabled, or utilizing a VM controller that enables USB access inside the virtual machine without restrictions. The issue has been assigned a CVSS v3.1 base score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (Heimdal Advisory).

The vulnerability significantly impacts the integrity of affected endpoints and the confidentiality of data by allowing unauthorized access to USB storage devices. This bypass of security controls could potentially lead to data exfiltration or the introduction of malicious content through USB devices (Heimdal Advisory).

The vulnerability has been fixed in Heimdal Thor agent version 3.7.0. Organizations using affected versions should upgrade to version 3.7.0 or later to resolve this security issue (Heimdal Advisory).