CVE-2023-29487: 
Homebrew vulnerability analysis and mitigation

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, which allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module. This vulnerability was later disputed by Heimdal, who asserted that their DNS Security for Endpoint solution includes an optional feature to provide extra information on the originating process that made a DNS request, and the lack of process identification in DNS logs was falsely categorized as a DoS issue (NVD).

The vulnerability affects the Threat to Process Correlation (TTPC) component of Heimdal Thor's threat prevention modules. The issue manifests as an inability to consistently display correct information about offending processes. When attempting to identify security violations, the system sometimes fails to fingerprint or identify the offending processes, leaving relevant fields blank. This inconsistency in process identification impacts the reliability of threat detection and investigation capabilities (Heimdal Advisory).

The vulnerability affects the integrity and availability of data for security investigations. When the TTPC component fails to identify offending processes correctly, it hampers the ability to track and investigate security violations effectively. This inconsistency in process identification can lead to incomplete security logs and potentially missed security threats (Heimdal Advisory).

While Heimdal disputes this as a valid vulnerability, they acknowledge that the DNS Security for Endpoint solution includes an optional feature for providing extra information about originating processes that make DNS requests. The vendor has indicated they are working on improvements to address the process identification consistency issues (NVD).