CVE-2023-6080

Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access.
Configurations

Configuration 1 (hide)

cpe:2.3:a:lakesidesoftware:systrack_lsiagent:*:*:*:*:*:windows:*:*

History

30 Oct 2024, 20:12

Type Values Removed Values Added
First Time Lakesidesoftware
Lakesidesoftware systrack Lsiagent
References () https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2024/MNDT-2024-0009.md - () https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2024/MNDT-2024-0009.md - Third Party Advisory
References () https://www.cve.org/CVERecord?id=CVE-2023-6080 - () https://www.cve.org/CVERecord?id=CVE-2023-6080 - US Government Resource
References () https://www.lakesidesoftware.com/ - () https://www.lakesidesoftware.com/ - Product
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CPE cpe:2.3:a:lakesidesoftware:systrack_lsiagent:*:*:*:*:*:windows:*:*

21 Oct 2024, 17:10

Type Values Removed Values Added
Summary
  • (es) La versión 10.7.8 del instalador SysTrack LsiAgent de Lakeside Software para Windows contiene una vulnerabilidad de escalada de privilegios locales que permite a los atacantes acceso a nivel de SYSTEM.

18 Oct 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-18 17:15

Updated : 2024-10-30 20:12


NVD link : CVE-2023-6080

Mitre link : CVE-2023-6080

CVE.ORG link : CVE-2023-6080


JSON object : View

Products Affected

lakesidesoftware

  • systrack_lsiagent
CWE
NVD-CWE-Other CWE-379

Creation of Temporary File in Directory with Insecure Permissions