CVE-2023-6080

HIGH

Lakesidesoftware Systrack Lsiagent < 11.0 - Privilege Escalation

Title source: rule

Description

Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access.

References (3)

[Third Party Advisory] https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2024/MNDT-2024-0009.md

View Writeup ZIP pw:eip

[US Government Resource] https://www.cve.org/CVERecord?id=CVE-2023-6080

[Product] https://www.lakesidesoftware.com/

Scores

CVSS v3 7.8

EPSS 0.0018

EPSS Percentile 39.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-379

Status published

Affected Products (1)

lakesidesoftware/systrack_lsiagent < 11.0

Timeline

Published Oct 18, 2024

Tracked Since Feb 18, 2026