CVE-2023-6080

Summary

Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access.

Affected Software

VendorProductVersion RangeStatus
Lakeside SoftwareSysTrack LsiAgent Installer10.7.8 < 11.0affected

Weaknesses

  • CWE-379: CWE-379: Creation of Temporary File in a Directory with Insecure Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References