CVE-2026-35099

| EUVD-2026-17917 HIGH
2026-04-01 mitre GHSA-jhjf-xmxj-grf3
7.4
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Apr 01, 2026 - 16:00 vuln.today
EUVD ID Assigned
Apr 01, 2026 - 16:00 euvd
EUVD-2026-17917
CVE Published
Apr 01, 2026 - 15:39 nvd
HIGH 7.4

Tags

Privilege Escalation Race Condition

Description

Lakeside SysTrack Agent 11 before 11.2.1.28 has a race condition with resultant Local Privilege Escalation to SYSTEM.

Analysis

Local privilege escalation to SYSTEM via race condition in Lakeside SysTrack Agent 11 (versions prior to 11.2.1.28) allows unauthenticated local attackers to gain complete system control through timing-dependent exploitation. EPSS risk assessment and KEV status not available at time of analysis; no public exploit identified at time of analysis. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Identify all endpoints running Lakeside SysTrack Agent versions prior to 11.2.1.28 and document current inventory. Within 7 days: Evaluate upgrade feasibility to version 11.2.1.28 or later and test in non-production environment. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

37
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +37
POC: 0

Share

CVE-2026-35099 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy