Skip to main content

Systrack Agent

2 CVEs product

Monthly

CVE-2026-39929 HIGH PATCH This Week

Remote denial of service in Lakeside SysTrack Agent (lsiagent.exe) allows unauthenticated network attackers to crash the endpoint monitoring agent by sending a single malformed UDP packet to the Command ID 30 handler. The flaw was reported by VulnCheck and carries a CVSS 4.0 score of 8.7 reflecting high availability impact with no privileges or user interaction required; no public exploit identified at time of analysis, though VulnCheck has published an advisory describing the trigger.

Information Disclosure Denial Of Service Buffer Overflow Systrack Agent
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-35099 HIGH PATCH This Week

Local privilege escalation to SYSTEM via race condition in Lakeside SysTrack Agent 11 (versions prior to 11.2.1.28) allows unauthenticated local attackers to gain complete system control through timing-dependent exploitation. EPSS risk assessment and KEV status not available at time of analysis; no public exploit identified at time of analysis. Attack complexity is rated high, requiring precise timing manipulation of concurrent operations.

Privilege Escalation Race Condition Systrack Agent
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Remote denial of service in Lakeside SysTrack Agent (lsiagent.exe) allows unauthenticated network attackers to crash the endpoint monitoring agent by sending a single malformed UDP packet to the Command ID 30 handler. The flaw was reported by VulnCheck and carries a CVSS 4.0 score of 8.7 reflecting high availability impact with no privileges or user interaction required; no public exploit identified at time of analysis, though VulnCheck has published an advisory describing the trigger.

Information Disclosure Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Local privilege escalation to SYSTEM via race condition in Lakeside SysTrack Agent 11 (versions prior to 11.2.1.28) allows unauthenticated local attackers to gain complete system control through timing-dependent exploitation. EPSS risk assessment and KEV status not available at time of analysis; no public exploit identified at time of analysis. Attack complexity is rated high, requiring precise timing manipulation of concurrent operations.

Privilege Escalation Race Condition Systrack Agent
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy